Skip to Content
© Wrightstudio |
Security & privacy

20 VPN apps tested – see which ones are vulnerable to malware

Software exploits are nothing new, but they can’t be ignored for too long. One critical exploit is enough for hackers to change your settings or sneak malware into your system without you knowing.

In fact, security flaws on the operating system level have led to devastating consequences for Windows users. Hackers even exploited corrupted font files to install malware in the past. Tap or click here to see how they did it.

Exploits are dangerous because they allow hackers to disguise their intentions using a program we trust. And that’s exactly what’s happening with several popular VPN programs. Thanks to flaws in their design, hackers can intercept update files and swap them with malware and viruses. If you use any of these VPNs, it might be time to switch.

VPNs can be hijacked by hackers

VPNs are supposed to protect your internet connection and keep it private, which means any security flaws in these kinds of programs are massive design failures. If your connection can be intercepted by something as dangerous as a hacker, is it really a private network at all? Tap or click here to see how Google Play VPNs contained malware.

Well, 20 different VPN services were recently investigated by researchers at VPNPro, who discovered a shocking flaw in a few prominent programs: An exploit that lets hackers intercept software updates.

Acting as “white hat hackers,” VPNPro rigged up a fake update and attempted to hijack the installation process for multiple VPN programs. Out of the 20 they investigated, Betternet and PrivateVPN were tricked into downloading the bogus update.

Out of the other VPNs tested, Torguard and Cyberghost were able to have their connections intercepted through the exploit, but did not download the fake update. Hotspot Shield (which is owned by the same company as Betternet) and could also be intercepted but were able to recognize the intrusion and disconnected from their servers.

According to the researchers, this proves that hackers could easily use this exploit to install malware like cryptocurrency miners, keystroke monitors or worse without users knowing. If it’s this easy to crack a security program like a VPN, how is anyone supposed to feel confident while privately browsing>?

How can I protect myself from this dangerous security exploit?

Fortunately, both Betternet and PrivateVPN were informed about the exploits and patched to prevent abuse of the issue. That said, we understand why users might be hesitant to continue working with these programs if they featured such blatant security holes in the past.

The report from VPNPro does have a silver lining, though: 14 out of the 20 programs investigated did not show any issues, and could not have their updates hijacked. This means that using them is preferable to the vulnerable programs, and you can rest easy knowing they passed this test with flying colors.

Interestingly, our sponsor ExpressVPN was one of the services that made the cut. Right out the gate, its connection couldn’t be compromised and it couldn’t be tricked into downloading the fake update. In addition to faster speeds and end-to-end encryption, these are just some of the reasons why it’s the only VPN Kim trusts.

Get an extra 3 months free of ExpressVPN when you sign up at

In spite of the security flaws discovered by VPNPro’s, you shouldn’t be scared away from using a VPN in the first place. You’re better off browsing the web with one than without.

All you have to worry about is choosing the right software — and thanks to VPNPro, we now have a better idea of what programs are worth picking. Tap or click here to see which one is the best to use.

Tech smarts in 2 minutes a day

Get my Daily Tech Update and the Digital Life Hack. Just one minute each and arm you with the tech knowledge you need to impress your boss and friends with how smart you are.