Google removes SuperVPN application from Play store
VPN applications are commonly used to prevent the user from identifying activities on the Internet to keep information confidential and Overcoming network constraints. For example, when using free WiFi in public places, such as restaurants and coffee shops, it is recommended to use VPN to perform certain activities such as banking transactions. That's why there are so many apps with this feature in the Google Play Store. One of the most used applications in this field is SuperVPN Free VPN Client with more than 100 million installations, which has recently been removed from the store by Google Play store due to critical vulnerabilities that allow for man-in-the-middle (MITM) attacks. When you search for the “vpn” keyword in Play store’s search bar, you’ll seen SuperVPN in the top 5 results.
The vulnerability of the man-in-the-middle makes all the information exchanged between the user and the server providing the service by an attacker visible in the middle of the path. In this scenario, the attacker can view all user requests or modify them and send them to the destination. The attacker can also redirect the user to fake pages in response to requests. This can lead user to fake phishing pages or download malicious files by user. Phishing pages are fake pages that are similar to the original version, and the user provides this information to the attacker by entering their personal information, such as passwords.
If you use this application and installed it on your mobile phone, stop using it and remove it from your mobile phone.