Just by offering a useful (and usually expensive) service for free, hackers have been able to ensnare millions of victims

in the official app stores

Other key findings include:

  1. Avoid VPNs and other powerful software offered for free: Free VPN services often come with hidden costs. In this case, several free VPN applications were used to distribute malware. It is crucial to research and choose reputable VPN providers that offer transparency about their security practices and data handling policies. Similarly, other software that has access to your smart device’s sensitive data — even those offered in in the official app stores— available for free download and usage must be treated as potentially hazardous or insidious until proven otherwise.
  2. Trust no app: Free or otherwise, any app installed on a smart device could act normally upon installation, but host trojan features that pop up much later when you least expect it. Even fully legitimate, widely-used software can be turned into a global cyber threat if hackers find a zero day vulnerability in them. Therefore, follow the best practices for internet security and device security at all times.
  3. Check reviews and ratings: Before downloading any “free” software, check its reviews and ratings from reliable sources. Look for feedback regarding security issues and any past incidents of malware distribution. Note: hackers are fully capable of planting fake testimonials, so do your homework carefully: seek out authoritative reviews whose veracity can be verified in some way online.
  4. Understand device permissions and cyber hygiene: Be wary of the permissions requested by VPN and other free applications. If an app asks for excessive or unnecessary permissions, it could be a red flag. As for cyber hygiene, follow best practices for setting and maintaining complex, unique passwords, backing up personal data regularly, limiting the publishing of personal information on social media, and avoiding free public Wi-Fi and all kinds of juicy-sounding clickbait articles online.
  5. Use antivirus software: Ensure you have reputable cybersecurity software installed, and keep it updated and always “listening” for suspicious app activity. This can help detect and prevent malware infections from malicious software that has somehow managed to sneak into the device.