Be careful about the software you install on your computer. You can’t always trust the advertising on a website for Virtual Private Network (VPN) services, because providers aren’t going to tell you the bad points about their services. We will. This review examines the worst VPNs in the world and explains why you should avoid them.
Not all services that claim to be VPNs really are. A VPN creates privacy by encrypting all of the data that passes in and out of your computer, even the routing information. If a VPN doesn’t include this encryption, it isn’t actually a VPN. We have a couple of examples of this phenomenon on our list.
Bona fide VPNs go to great lengths to avoid logging the activities of their customers. This is because copyright lawyers and even government security agencies might try to force the VPN company to hand over details of their customers’ activities. We have discovered that some VPNs not only record your activities, but they place tracking codes in your connections so they can monitor and sell your data or sell advertizing, which they inject into the webpages that they transport.
There are a limited number of very dangerous VPNs that could use your Internet Protocol (IP) address for criminal activities. Others sell access to your bandwidth and your IP address to people that they don’t really vet.
Bad VPNs offer no protection, track you activities, sell your information, sell ad space on the webpages you visit, and even let others use your internet service. Keep reading to discover five VPNs that you need to avoid.
Summary Worst VPNs of 2018
Take a look at the summaries below for an in-depth view of the worst VPNs in 2018.
1. Hola VPN
Hola has to be the dodgiest VPN service in the world. This app has been installed on more than 116 million computers around the globe, by people who don’t realize that Hola isn’t actually a VPN. Hola does not include encryption in its service. Worse still, it doesn’t even provide any servers to act as proxies between its clients and the internet. Instead, Hola customers channel each other’s data. The service uses a peer-to-peer (P2P) model, which is similar to the methods used by torrent downloaders and Skype.
As Hola is a free service and a “community,” most members don’t mind becoming proxies for each other. However, things get a little less equitable when you find out that Hola allows fee-paying customers to use the network without themselves acting as proxies for others. Worse still, a sister company called Illuminati sells high-volume traffic access to the network. As each free member acts as an exit node, their IP addresses can end up being fronts for cybercriminals launching denial of service attacks.
Hola claims that members only contribute a tiny fraction of their internet bandwidth and that their internet activities are not monitored. However, many members report that their accounts at streaming services and webmail have been hacked shortly after becoming part of the Hola network.
The Betternet app has been downloaded from the Android Apps Store by more than five million users. However, a 2016 scientific study of VPNs found that Betternet contained 14 tracking libraries, making its customers the most monitored VPN users in the world. Betternet needs these codes in order to collect data on its users. By selling that data to third parties, the company is able to offer its VPN service completely free of charge. However, this extreme inclusion of tracking means that Betternet is more of an activity monitoring service for advertisers than it is a privacy service.
Probably the only thing worse than a VPN that practices activity tracking is a VPN that includes malware. Betternet is hard to beat in that category too. The same study that discovered the VPN’s inclusion of tracking software also uncovered 13 incidences of malware in the code. At the time, that made Betternet the joint third most infected VPN in the world. Since the date of the study, the top two most malware-infected VPNs have gone out of business, putting Betternet at the top of the league.
If imitation is a form of flattery, then Hola has found an admirer in Tigervpns. The same study that identified Betternet’s bad behavior also found some unusual, Hola-esque characteristics in Tigervpns.
Analysis of traffic coming out of a computer protected by this VPN revealed that there were calls to websites that were not actively sought by the apps running on that machine. This implies that the VPN was processing connection requests from other sources through that computer. Worryingly, the researchers discovered that many of the requests were to unregistered URLs. This is particularly significant, because it is indicative of computers that have been included in a botnet. A botnet is a group of hijacked computers that is used for cyberattacks. For example, the WannaCry ransomware attack of May 2017 used this unregistered web address control mechanism.
HideMyAss is the only fee-charging VPN provider on this list of the worst VPNs in the world. Researchers discovered a number of unexpected connection requests running out of a test computer that had HideMyAss operating on it. Those connections were to the JP Morgan website and to LinkedIn. This astonished the testers, because the web browser active on the computer hadn’t requested pages from either of those sites.
The researchers concluded that the only explanation for this superfluous activity was that HideMyAss was routing the connections of other customers through the test computer – similar to the activities of Tigervpns.
Among HideMyAss’s other weaknesses, tests show that the VPN does not protect Internet Protocol version 6 (IPv6) traffic or calls to DNS servers. This means that network proxies or Internet Service Providers (ISPs) could easily detect the intended correspondent of any connection, even though the subsequent destination IP address was masked by tunneling. This oversight completely removes all the advantages of using a VPN for privacy.
HideMyAss is based in the UK. It has handed over activity data to law enforcement agencies in a range of countries on several documented occasions.
5. Opera VPN
In April 2016, Opera Software announced that it had integrated a free VPN service into its browser. This was a strange decision, because the company already has a VPN service called SurfEasy. That VPN is also available as an Opera browser extension and has a free version.
The free version of SurfEasy is a teaser to draw in paying customers, so the decision by Opera to introduce an own-brand free VPN effectively cannibalized a marketing channel of one of its own income-producing divisions.
Fortunately, researchers at Help Net Security soon discovered something that will reassure the SurfEasy staff – the free Opera VPN isn’t a VPN. This service does not include encryption, so it is really just a proxy. This means that the Opera Software offering now includes a VPN, called SurfEasy, and a web proxy, called a free VPN.
Opera further damages the reputation of its SurfEasy brand by including calls to that VPN’s address during start-up. Technicians who examined the procedures behind the Opera proxy worried that its use of a device_id, which is permanently allocated to an implementing device, is clearly a tracking identification.
The terms of service of the Opera browser clearly state that the company reserves the right to collect user data (including activity logs) and share that information with others (that is, sell it to others). Now that the browser includes a fake VPN, the company has one more tool at its disposal for harvesting money-making personal data from its user base.
What to Avoid in a VPN
Although this review focuses on the five worst VPNs, this certainly isn’t an exhaustive list of weak, bad, or fake VPNs.
Fortunately, studies and articles that expose poor or fake VPNs have helped to shut down some of the worst services. The two most malware-infected VPNs in the world, okVPN and EasyVPN have ceased operations since their snaky dealings were exposed. Unfortunately, the runners up – Betternet and SuperVPN – are still operating their malware-inclusive services. Other top infectors include HatVPN, ArchieVPN, and OneClick VPN. CrossVPN was found to be especially rich in Trojans.
The fake VPNs that should really call themselves “proxies” are not limited to Hola and the Opera VPN. Their absence of tunneling removes the VPN classification from these services. However, their fakery was exceeded by MySafeVPN, which collected people’s money and provided nothing in return – not even a proxy service.
Worst VPNs: Conclusions
When researching VPN services, you might be tempted to just plump for the first one your encounter. However, as you can see from this review, such a strategy would be a mistake. Check out the VPN Analysis review of the best VPNs of 2017 to get an idea of which VPNs work well. If you would rather not pay for a VPN service, then you should read the recommendations for the five best free VPNs.
VPNs can help you preserve your privacy on the internet. They have to fulfill a checklist of features in order to be awarded a recommendation from VPN Analysis. Tracking user activities, containing malware, leaking addresses, or hijacking internet services are all practices that will earn a provider a place on our list of the five worst VPNs.