Google have recently removed a shady Android VPN App from the Play Store. Identified as SuperVPN Free VPN Client, this app boasted 100 million installs and had vulnerabilities allowing for MiTM attacks.
A couple of months ago, researchers from VPNpro shared a detailed study about various VPN apps on the Play Store exhibiting vulnerabilities. The most noteworthy of all was the SuperVPN Free VPN Client app, which exhibited shady behavior alongside security bugs.
Now, in a recent post, the researchers have shared more details about this app. As revealed, the app not only had vulnerabilities allowing man-in-the-middle (MiTM) attacks. Rather it also used blackhat SEO tactics to top up the Play Store.