Malware Apps Disguised as Free VPNs Are Spreading Rapidly: Cybersecurity Firm Warns

Malware Apps Posing as Free VPNs on the Rise, Warns Cybersecurity Firm A recent report from cybersecurity firm Cleafy has highlighted a growing threat in the form of malware apps masquerading as free virtual private networks (VPNs). The report, which warns against the "Klopatra" malware, comes as VPN usage surges in response to age-restriction laws. According to Cleafy's findings, the Klopatra malware infects personal devices by posing as a free VPN app called Mobdro Pro IP VPN. This is not an isolated incident, but rather part of a larger trend identified by Kaspersky security researchers in 2024. The researchers warned about the increasing number of malware apps pretending to be free VPNs, which has become more relevant than ever given the rising demand for VPN services. Mobdro is a popular IPTV app that has been taken down by the Spanish government at least once. However, the Mobdro Pro IP VPN app appears to be unrelated and uses the name as a malware vector. Once downloaded, the app guides users through what appears to be an installation wizard but is actually a series of steps designed to hand over total control of their device. "Cleafy believes that Klopatra has already infected around 3,000 devices, mainly in Italy and Spain," said a spokesperson for Cleafy. "The group behind Klopatra is likely using these compromised devices to launch further attacks." Klopatra abuses accessibility services to pose as the user, allowing it to enter banking apps, drain accounts, and assimilate devices into a botnet for future attacks. "This is a classic example of social engineering," said Alex Holden, Chief Information Security Officer at Hold Security. "The malware uses psychological manipulation to trick users into installing it, often through fake or misleading ads." The report concludes that the group behind Klopatra is likely using these compromised devices to launch further attacks. Cleafy warns that users should be cautious when downloading free VPN apps and instead opt for reputable services. As VPN usage continues to rise in response to age-restriction laws, cybersecurity experts are urging users to remain vigilant against such threats. "This trend highlights the importance of education and awareness in online security," said Holden. The Cleafy report serves as a stark reminder that malware apps posing as free VPNs are on the rise. As users increasingly rely on VPN services for online protection, it is essential to stay informed about emerging threats and take necessary precautions to protect personal devices. Background: VPN usage has surged in recent months due to age-restriction laws implemented by governments worldwide. These laws aim to restrict access to certain content based on a user's age. As a result, VPN services have become increasingly popular as users seek to bypass these restrictions. However, this increased demand for VPNs has also led to an increase in malware apps posing as free VPNs. These apps often use social engineering tactics to trick users into installing them, which can lead to compromised devices and further attacks. Additional Perspectives: Experts warn that the Klopatra malware is just one example of a larger trend. "We're seeing more and more malware apps masquerading as legitimate services," said Holden. "It's essential for users to remain vigilant and only download reputable VPN apps." Cleafy's report highlights the need for increased awareness about online security threats. "Users must be educated on how to identify and avoid such threats," said a spokesperson for Cleafy. Current Status and Next Developments: The Cleafy report serves as a warning to users about the growing threat of malware apps posing as free VPNs. As VPN usage continues to rise, cybersecurity experts urge users to remain vigilant against emerging threats. In response to this trend, Cleafy is urging users to exercise caution when downloading free VPN apps and instead opt for reputable services. "Users should be aware of the risks associated with free VPN apps and take necessary precautions to protect their devices," said a spokesperson for Cleafy. *Reporting by Engadget.*