Overview
- Google’s November advisory says threat actors push counterfeit VPNs using sexually suggestive ads, fake reviews and social engineering lures.
- The apps can deliver password stealers, banking trojans and remote access tools that exfiltrate browsing history, private messages and cryptocurrency wallet data.
- Some rogue services may appear to work by piggybacking on legitimate free VPN infrastructure, often yielding very slow and unreliable connections.
- Google links rising exposure to increased VPN use following online safety and age‑verification laws in the UK and US that restrict access to adult content.
- Users are urged to install only from official stores, look for the Play verified VPN badge, avoid sideloading and excessive permissions, and recognize that VPNs do not provide full anonymity.