The apps on this screen are all fine, but not all suspect apps are on Android – the iPhone may be … [+]
Three iOS VPN apps have been reported by security researchers at Avast and called out because they don’t work and come with expensive subscriptions attached.
Now working from home is more common than it’s ever been, many of us have turned to Virtual Private Networks (VPNs) to keep our data and our web browsing completely private. If you’re an American living in China, for instance, it can be essential to use a VPN as the only way to access sites which the Chinese are not permitted to see. However, an untrusted VPN can be worse than none at all.
The Avast researchers said that three apps in the Apple App Store, all with high ratings scores of 4.7 to 4.8, were found to “overcharge users, do not provide the services they promote and appear to be ‘fleeceware.’ ”
The apps, which are still available in the Apple App Store, are Beetle VPN, Buckler VPN and Hat VPN Pro.
Nikolaos Chrysaidos, Avast’s head of Mobile Threats and Security, said, “Fleeceware apps fall into a gray area, because they are not malicious per se, they simply charge users absurd amounts of money for weekly, monthly or yearly subscriptions for features that should be offered at much lower costs.”
This seems almost an understatement.
The apps are free to download but to use the service requires an in-app purchase. After a three-day trial, users are charged $9.99. If that doesn’t seem that bad, bear in mind that that’s per week. Which works out at just over $519 a year.
But, steep though the price is, even that’s not the worst of it.
The Avast researchers found that when they had purchased a subscription and attempted to use the VPN, they were presented with prompts inviting them to buy access. Since they had a subscription, the app then showed an error message reminding them that they had a subscription already and were therefore unable to complete a connection to the VPN.
Expensive, then, and unusable.
The researchers have also suggested that the overwhelmingly positive reviews may be fakes.
“These apps are not behaving maliciously so they circumvent screening processes to be added to the official app stores’ that users trust,”Chrysaidos said.
It’s curious that the apps are still on the App Store. Of course, Apple has the rights to remove apps that are going against its policies. So, perhaps they won’t be there for much longer.
According to data from Sensor Tower, a mobile apps marketing intelligence and insights company, the apps have been downloaded a lot. One had over 420,000 downloads, another, 271,000, and the third 96,000 downloads between April 2019 and May 2020.
If you are one of these people, then canceling the app, at least, is simple.
Launch the App Store app, tap your profile in the top-right, choose subscriptions and cancel it from there.
VPNs are designed to win our trust and offer a safe haven. A dodgy VPN undoes all of that.
More on Forbes: