The hidden Chinese VPNs on the US App Store
The Tech Transparency Project (TTP) investigation revealed that in 2024, millions of Americans unknowingly downloaded free VPN apps owned by Chinese companies tied to the Chinese government and military. One of these companies, Qihoo 360, has already been blocklisted by the US government due to its close relationships with the Chinese military.
At least 20 of the tested VPN apps on the US App Store were traced back to Chinese origins. Most of these apps went to great lengths to conceal their Chinese ties through offshore shell companies. This made it nearly impossible for US users to know who was truly behind the service they were using. What raised alarm among the cybersecurity community was that such VPN apps may allow the Chinese government to snoop on Americans and put America's national security at risk.
These VPN apps also heavily targeted American teens, especially after the temporary US TikTok ban. They marketed themselves as a way to bypass the TikTok restrictions. The TTP later revealed that these VPN apps were also available on the French App Store, which shows that the issue spread a lot further than the Americas and affected other Western markets, too.
How these VPNs compromise user privacy
VPNs are created to keep your internet traffic private, but the effect might be the exact opposite when Chinese companies run them. Chinese laws obligate VPN providers to hand over user data and browsing information to the government upon request. This means that millions of Americans who downloaded these VPN apps might have exposed their sensitive data to Chinese authorities without even knowing it, which undermines the whole point of a VPN.
Hiding the Chinese origins behind offshore companies made it nearly impossible for casual users to figure out who actually controls the VPN service. This lack of transparency raises questions about whether these VPNs prioritize user privacy or are simply tools for surveillance, passing everything you do online to the Chinese authorities.
Most users, especially younger ones, might not realize their VPN could be used for foreign government surveillance and are not aware of the potential consequences of a data leak. As a result, unknowingly using Chinese VPNs from the App Store can seriously jeopardize data privacy and security.
The implications
The discovery of free Chinese VPNs on the US App Store raised concerns among cybersecurity experts about whether the app vetting process is functioning as intended. For Apple, a company that puts user privacy first, this could damage its reputation and users' trust in the security of apps in the App Store.
If users can't trust the apps they download from official stores, Apple's oversight may cast a shadow on the entire tech industry, especially now, when privacy is becoming increasingly important for everyday internet users.
Why should you trust NordVPN?
At NordVPN, we care about building trust with our customers, that's why we do not log, store, or share what you do online. Whenever you connect to the internet with NordVPN, your online traffic is routed through a secure VPN tunnel, ensuring that no one trying to intercept can peek at your browsing activity. We don’t just promise privacy, we run annual no-logs audits to stay transparent and give you peace of mind.
Beyond protecting your online activity with the most advanced encryption standards, NordVPN offers versatile features that make your browsing experience even more enjoyable. Our Threat Protection Pro™ blocks malicious ads and websites, stops web trackers, and scans your downloads for malware. Enable it with a click and explore the internet you deserve.
Online security starts with a click.
Stay safe with the world’s leading VPN
