MOBILE users have been warned to delete a free VPN app that secretly spies on your screen before raiding bank accounts.
It comes amid a huge popularity spike in VPNs particularly in the UK, following strict new online safety rules.
1
VPNs – which stands for Virtual Private Networks – tend to be paid for, but a number of free ones have come about to lure users.
While some are legitimate, many come with hidden dangers.
And experts at cyber security firm Cleafy have uncovered yet another worrying example.
At least 3,000 devices are thought to have been infected so far.
The app is called Modpro IP TV + VPN – and as the name suggests, it not only attracted users with the promise of a VPN but also IP TV, which allows you to watch streamed TV.
Researchers discovered that a piece of dangerous malware called Klopatra was hiding on the app with a “significant evolution” from before.
The malware was first found back in March 2025 and has since gone through 40 iterations as cyber crooks appear to be actively working on the ruse.
Ultimately, the attack has the power to take control of devices remotely and steal details for accounts, especially your private bank information.
“Once the main Klopatra payload is installed, the real threat manifests,” Cleafy explained.
“The malware immediately requests a wide range of permissions, but one is crucial for its success: the Android Accessibility Services permission.
“Accessibility Services are a powerful framework designed to assist users with disabilities.
“They allow applications to read screen content and perform actions on behalf of the user. In the hands of malware, this functionality becomes a weapon.”
The malware has roots in Turkey but targets people all across Europe.
And it’s spread via malicious pages as opposed to apps directly from the Google Play Store.
HOW TO CHECK YOUR APPS ARE SAFE
If you are worried about the apps you’re downloading, there’s a handy feature you need to try…
First, make sure that Google Play Protect is on.
Just go to the Google Play Store on your Android phone and tap on your profile icon.
Then go to Play Protect > Settings > Scan Apps With Play Protect and toggle the feature on.
This will scan apps that you’re downloading to make sure they’re not dodgy.
But you can also get a safety check on apps that you’re downloading from outside of the Google Play Store too.
“If you install apps from unknown sources outside of the Google Play Store, Google Play Protect may ask you to send unknown apps to Google,” Google explained.
“When you turn on the “Improve harmful app detection” setting, you allow Google Play Protect to automatically send unknown apps to Google.”
Just go to the Google Play Store, then Profile > Play Protect > Settings.
Then simply turn Improve Harmful App Detection on and you’ll be sorted.
Picture Credit: Google
