Hidden Links: Analyzing Secret Families of VPN Apps - The Citizen Lab
citizenlab.ca
In this paper co-authored by the Citizen Lab's Jeffrey Knockel, researchers investigate the secret relationships between VPN operators and the vulnerabilities

cross-posted from: https://lemmy.sdf.org/post/40763938

Archived

A new research paper published by the Citizen Lab - “Hidden Links: Analyzing Secret Families of VPN Apps” (opens pdf) - has exposed how some popular Virtual Private Network (VPN) providers intentionally hide their true ownership and share security flaws.

The paper was co-authored by Benjamin Mixon-Baca, Jeffrey Knockel, and Jedidiah Crandall and published by Citizen Lab. Their study involved a deep analysis of apps from the Google Play Store, looking at everything from code similarities and network communications to business filings.

The companies distribute apps such as Turbo VPN, VPN Monster, and Snap VPN, and are linked to a Chinese national security firm, Qihoo 360 and have gone to great lengths to hide this fact from their 700+ million combined user bases.

Turbo VPN and Snap VPN were also named in the Tech Transparency Project’s June 2025 report, which cited national security concerns related to the possibility of these VPNs transferring data to China.

[…]

  • kbal@fedia.io
    2·
    2 days ago

    Meanwhile, my totally legit probably-not-a-front-for-Chinese-spies current VPN is now blocked by citizenlab.ca. Had to use tor to get there.