In a recent post, the researchers have shared more details about this app. As revealed, the app not only had vulnerabilities allowing man-in-the-middle (MiTM) attacks but also used black-hat SEO tactics to climb to the top of the Play Store.
In brief, the app relied on a hardcoded encryption key, so anyone who obtained the key could decrypt all of the data. Moreover, an adversary could change the server the app connects to, since the configuration it fetched was neither transported securely nor authenticated. As the researchers explained,
"We discovered that SuperVPN connects with multiple hosts. On one of these hosts, we discovered that a package (payload) was being sent from the app via unsecured HTTP… After more digging, we found that the payload actually contained the key needed to decrypt the information. After decrypting and decoding this data, we found it contained sensitive server information, its certificates, and the credentials that the VPN server needs for authentication. Once we had this information, we replaced the real SuperVPN server data with our own server data."

In addition, the app listing gave no precise information about its owner, a clear violation of Google's policy.
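To make the failure mode concrete, here is an added, self-contained example (not code from the researchers' post or from the app) that models the pattern they describe: a server configuration is encrypted, but the key needed to decrypt it rides along in the same payload over plain HTTP, so an on-path attacker can decrypt it, swap in their own server, and re-encrypt it with the same key. The payload layout, field names, the toy SHA-256 counter-mode cipher and the sample configuration are all assumptions made for illustration, not SuperVPN's real format. The hardened variant at the end authenticates the configuration with a key that is never sent in the payload; in a real app that key should be a pinned public key used to verify an asymmetric signature, delivered over TLS, so that nothing secret has to live in the APK.

```python
"""Why a decryption key that travels with its ciphertext over plain HTTP is no
protection: an on-path attacker can decrypt, rewrite and re-encrypt the VPN
server configuration. Illustrative example; the payload layout and field
names are assumptions, not the real app's format."""
import hashlib
import hmac
import json
import os


def _keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode. Toy cipher for illustration only, not for production."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (XOR with the keystream is its own inverse)."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))


# Constructed sample configuration, standing in for the server details,
# certificate and credentials the researchers found in the decrypted payload.
REAL_CONFIG = {
    "server": "vpn.example.net",
    "port": 1194,
    "cert_fingerprint": "AA:BB:CC",
    "credentials": {"user": "client", "pass": "s3cret"},
}


def build_weak_payload(config: dict) -> dict:
    """The flawed pattern: ciphertext and the key that decrypts it in one payload."""
    key = os.urandom(32)
    ciphertext = xor_crypt(key, json.dumps(config).encode())
    return {"key": key.hex(), "data": ciphertext.hex()}


def client_parse_weak(payload: dict) -> dict:
    """What the client does: take the key out of the payload and decrypt."""
    key = bytes.fromhex(payload["key"])
    return json.loads(xor_crypt(key, bytes.fromhex(payload["data"])))


def mitm_rewrite(payload: dict, attacker_host: str) -> dict:
    """An attacker on the unencrypted HTTP path does exactly what the client
    does, then swaps the server details and re-encrypts with the same key."""
    key = bytes.fromhex(payload["key"])
    config = client_parse_weak(payload)
    config["server"] = attacker_host
    config["cert_fingerprint"] = "EE:EE:EE"  # attacker's own certificate
    return {"key": key.hex(), "data": xor_crypt(key, json.dumps(config).encode()).hex()}


# Hardened variant. Assumption: AUTH_KEY is provisioned out of band and never
# sent in the payload. In practice use a pinned public key and an asymmetric
# signature over TLS, so no secret has to be embedded in the app.
AUTH_KEY = os.urandom(32)


def build_signed_payload(config: dict, auth_key: bytes = AUTH_KEY) -> dict:
    body = json.dumps(config, sort_keys=True).encode()
    tag = hmac.new(auth_key, body, hashlib.sha256).hexdigest()
    return {"data": body.hex(), "mac": tag}


def client_parse_signed(payload: dict, auth_key: bytes = AUTH_KEY):
    """Return the config only if the MAC verifies; None means tampering."""
    body = bytes.fromhex(payload["data"])
    expected = hmac.new(auth_key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, payload["mac"]):
        return None
    return json.loads(body)


def mitm_rewrite_signed(payload: dict, attacker_host: str) -> dict:
    """The attacker can still read and alter the body but cannot recompute the MAC."""
    config = json.loads(bytes.fromhex(payload["data"]))
    config["server"] = attacker_host
    return {"data": json.dumps(config, sort_keys=True).encode().hex(), "mac": payload["mac"]}


def demo() -> tuple:
    """Weak scheme: client happily connects to the attacker. Signed scheme: rejected."""
    weak = mitm_rewrite(build_weak_payload(REAL_CONFIG), "attacker.example")
    signed = mitm_rewrite_signed(build_signed_payload(REAL_CONFIG), "attacker.example")
    return client_parse_weak(weak)["server"], client_parse_signed(signed)


if __name__ == "__main__":
    print(demo())
```

Running the script shows the weak client accepting "attacker.example" as its VPN server while the authenticated client returns None for the same tampering. Note that authentication alone does not hide the credentials from a passive observer; the transport still has to be TLS, and the researchers' finding was that the app used neither.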
Another app claiming to be the paid version of the VPN from the same developers still exists.