It has been reported that Android is leaking small amounts of connection data each time a user connects to a Wi-Fi network, even when their VPN is active.

Android Leaking Data While VPN Is In Use

A new security issue has been identified in the Android operating system. Small amounts of a mobile device's connection traffic are being leaked, even when the user has a VPN active.

Android's "Always-On VPN" setting is designed to keep the VPN active around the clock, whenever the device is on. But it has been discovered that traffic data is still being leaked, despite the presence of the VPN. On top of this, when people activate Android's "Block Connections without VPN" feature (also known as a VPN kill switch), they're reportedly still at risk of having some of their traffic leaked.

The issue was reported by Mullvad VPN, a Swedish VPN provider. In a Mullvad VPN blog post, it was stated that Android is sending unencrypted connectivity checks "outside the VPN tunnel". This issue was discovered through a security audit, though the audit itself was not released at the time of Mullvad's announcement regarding Android.

Mullvad VPN also stated both in the aforementioned post and in a tweet that VPN services cannot stop this leak from taking place.

Mullvad suggested to users that "running tcpdump on your router" after disconnecting the Wi-Fi can help in monitoring the traffic leaving the device when the Wi-Fi is reconnected.
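As an added example (not from Mullvad's post or this article), the shell function below filters the text output of `tcpdump -nn` for IPv4 packets that a phone sends to anything other than its VPN server. The addresses, the `IFACE` placeholder and the sample capture lines are constructed assumptions.

```shell
#!/bin/sh
# Added example: find packets a phone sends outside its VPN tunnel.
# Reads `tcpdump -nn` text output (IPv4 lines only) on stdin.
# Live use on the router (IFACE and both addresses are placeholders):
#   tcpdump -nn -l -i IFACE host PHONE_IP | find_leaks PHONE_IP VPN_IP

find_leaks() {
    # $1 = phone's LAN address, $2 = VPN server address
    awk -v phone="$1" -v vpn="$2" '
        # Return the host part of a tcpdump address token.
        # "a.b.c.d.port:" has five dot-separated parts; ICMP lines have four.
        function host(tok,   n, parts) {
            sub(/:$/, "", tok)
            n = split(tok, parts, ".")
            if (n == 5) sub(/\.[0-9]+$/, "", tok)
            return tok
        }
        # Only IPv4 packet lines: "<time> IP <src> > <dst>: ..."
        $2 == "IP" && $4 == ">" {
            src = host($3)
            dst = host($5)
            # Sent by the phone, but not to the VPN endpoint: outside the tunnel.
            if (src == phone && dst != vpn) print
        }
    '
}

# Constructed sample capture (documentation addresses, not real traffic):
# phone 192.168.1.50, VPN server 203.0.113.10, another LAN device 192.168.1.60.
SAMPLE='12:00:01.100000 IP 192.168.1.50.41000 > 203.0.113.10.51820: UDP, length 148
12:00:01.200000 IP 192.168.1.50.52311 > 192.168.1.1.53: 4242+ A? example.test. (30)
12:00:01.300000 IP 192.168.1.50.40822 > 198.51.100.7.80: Flags [S], seq 1, win 65535, length 0
12:00:01.400000 IP 203.0.113.10.51820 > 192.168.1.50.41000: UDP, length 92
12:00:01.500000 IP 192.168.1.60.50100 > 198.51.100.7.443: Flags [S], seq 9, win 65535, length 0'

# Run the filter over the constructed sample.
sample_leaks() {
    printf '%s\n' "$SAMPLE" | find_leaks 192.168.1.50 203.0.113.10
}
```

Lines the function prints are packets from the phone that bypassed the tunnel, which includes ordinary LAN traffic such as DNS queries to the router, so each hit still needs a look.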

User Anonymity Is at Risk via These Leaks

Leaking even small amounts of connection data can jeopardize a user's online anonymity, and therefore their privacy. Malicious actors who can see the source IP address can use even simple metadata to extract further information about the user.


By sending connectivity checks outside the secure VPN tunnel, Android OS is putting its billions of users at risk. However, Mullvad VPN did state that any de-anonymization attempt "would require a quite sophisticated actor", not just any cybercriminal. Regardless, there is still a chance of an experienced malicious actor taking advantage of these leaks.

Pressure Is Being Put on Google to Amend the Issue

Mullvad VPN's post on Android's traffic leaks not only brings attention to the issue but puts pressure on Google, the owner of Android, to disclose to users that small amounts of their connection data may be leaked even when their VPN is active.

Alternatively, Google could add an option on Android devices to prevent sending connectivity checks outside the tunnel. This would give users the chance to select how their data is being handled.

Checking the Integrity of Your Data Is Important

Regardless of whether you're using a VPN, your data may still be at risk. This is why it's important to monitor your outgoing connection traffic to ensure that it isn't being handled in a way that you aren't comfortable with.