"VPN Apps on Google Play Turn Android Devices Into Proxies"

Security researchers at Human Security discovered that dozens of VPN applications that turn Android devices into residential proxies were being offered on the Google Play store.  The researchers noted that all the identified malicious applications contained a Golang library responsible for enrolling the device as a proxy node and appeared linked to Asocks, a residential proxy seller.  At least 28 VPN applications containing the malicious library were submitted to Google Play.  After being notified, all apps have been removed from the store.  The researchers noted that residential proxy networks allow threat actors to route traffic through users’ devices and hide malicious activity, making it appear as if it originated from residential IP addresses instead of the attackers’ infrastructure.

SecurityWeek reports: "VPN Apps on Google Play Turn Android Devices Into Proxies"