15 million attack attempts disguised as VPNs

Gen Z uses privacy-protection tools more than any other generation, but this trend may also make them prime targets for cybercriminals. From October 2024 to September 2025, Kaspersky detected more than 15 million attempted attacks disguised as VPN applications. Instead of protecting users, these fake or “cracked” VPNs often install malware or unwanted software — from downloaders and adware to trojans capable of stealing data or granting attackers remote access.

According to Kaspersky’s findings, Gen Z uses VPNs, encryption tools, anonymous browsers, and other privacy-enhancing technologies twice as often as older age groups. Having grown up in an era of data breaches, algorithmic tracking, and hyper-connected social platforms, they are more aware of how fragile online privacy can be. VPNs and anonymous browsers have become essential tools for protecting personal information, safeguarding online identity, and ensuring secure use of public Wi-Fi networks.

This trend, however, comes with an unexpected risk: in their effort to increase security, many young users turn to free, cracked, or tampered-with VPNs — tools that appear safe but actually expose them to far greater danger. Between October 2024 and September 2025, Kaspersky experts identified more than 15 million attack attempts disguised as various VPN applications.

During the period studied, the most common threats fell into three main categories of malicious and potentially unwanted software. AdWare topped the list with 284,261 incidents, continuing to plague users with intrusive ads, unwanted redirects, and aggressive tracking. Trojans followed with 234,283 detections — a serious threat due to their ability to steal data and provide full remote control of infected systems. Downloader-type threats ranked third with 197,707 cases, serving as a gateway for installing additional malware on victims’ devices.

Kaspersky researchers also discovered phishing pages mimicking login screens of well-known VPN services. These sites trick users into entering their credentials, putting them at risk of losing access to their VPN accounts — and potentially others, if they reuse the same password across platforms. Notably, many of these phishing pages look strikingly similar, suggesting they were likely created using phishing kits that allow attackers to easily mass-produce polished fake pages.

“Gen Z may be privacy-aware, but they are also practical and often driven by convenience. This behavior creates a window that cybercriminals actively exploit. They may, for instance, distribute pirated ‘premium’ VPN versions or apps imitating the names and designs of well-known privacy brands. As a result, young users who believe they are strengthening their protection may actually be handing attackers direct access to their devices and personal data,” says Evgeny Kuskov, Security Expert at Kaspersky.

To help Gen Z navigate digital threats in the entertainment landscape, Kaspersky has launched the interactive game “Case 404,” designed in a style and format that resonates with this demographic. The game places players in a world where seemingly harmless downloads and offers conceal serious cybersecurity risks. As they progress, users uncover hidden threats and learn how to protect themselves from malware, scams, and personal data leaks.

As a reward for completing the game, participants receive an exclusive discount for Kaspersky Premium — giving them access to the reliable tools they need to browse the digital world safely.

Kaspersky also recommends the following:

• Choose and download VPNs only from official stores or trusted developers. Official marketplaces apply security checks that significantly reduce the risk of encountering malicious or modified apps. External websites, on the other hand, often distribute fake versions capable of infecting devices or stealing data.
• Avoid cracked or modified applications. Even if they promise premium features for free, they are a major source of malware. Attackers often embed spyware, keyloggers, or backdoors in cracked VPNs, turning privacy tools into surveillance tools.
• When selecting a VPN, consult independent evaluations. For instance, in the 2025 AV-Test assessment, Kaspersky VPN Secure Connection ranked first with an excellent score of 94/100, confirming its strong performance and reliable protection.
• Check permissions before installing. Unusual requests — such as access to contacts, microphone, or location — are a red flag for any privacy-related app. A low number of downloads or suspicious repetitive reviews may also indicate that the app is not authentic.
• Use a trusted security solution such as Kaspersky Premium, which includes a VPN function and protects devices in real time by blocking malicious websites, phishing emails, infected ads, and payment-stealing mechanisms created by hackers to obtain your data.