How a seemingly free VPN can empty your bank account

A warning has been issued about a free VPN application that is being used to drain victims' bank accounts. The app, named Modpro IP TV + VPN, secretly monitors users' screens and then uses that information to raid their finances. Cybersecurity firm Cleafy estimates the app has been installed on at least 3,000 devices.

Cleafy discovered that the app contains a dangerous piece of malware called Klopatra, which has undergone a "significant evolution." The updated malware can now remotely control devices and steal personal account information.

The company explained the threat: "Once the main Klopatra payload is installed, the real threat manifests. The malware instantly asks for a broad set of permissions, with one being critical: the Android Accessibility Services permission. This framework is intended to help users with disabilities by allowing apps to read screen content and perform user actions. However, when used by malware, this powerful functionality becomes a weapon."

Klopatra was first identified in March and has been modified 40 times since then by hackers attempting to bypass online security protections. The malware originally emerged in Turkey and is primarily distributed through malicious websites rather than official app stores.