Tech »  Topic »  VexTrio TDS Deploys Malicious VPN Apps on Google Play and App Store

VexTrio TDS Deploys Malicious VPN Apps on Google Play and App Store

3 hours ago   gbhackers

VexTrio, a sophisticated threat actor known for operating a massive traffic distribution system (TDS), has expanded its malicious activities by deploying fake VPN applications on major app stores, including Google Play and the Apple App Store.

Originating from a merger between Italian spammers and Eastern European developers around 2020, VexTrio’s TDS facilitates the redirection of web traffic from compromised sites to fraudulent endpoints, including scareware, cryptocurrency scams, and deceptive mobile apps.

Evolution of VexTrio’s Cybercrime Network

The group’s infrastructure, spanning bulletproof hosting providers and cloud services, supports high-volume operations that affect millions of users globally, with domains ranking in the top 10,000 most popular worldwide as of July 2025.

This evolution underscores VexTrio’s shift from spam-centric tactics to integrated adtech fraud, leveraging affiliate networks like Los Pollos and TacoLoco to monetize black-hat traffic sources.

The Los Pollos website in May 2024,

The deployment of malicious ...


Copyright of this story solely belongs to gbhackers . To see the full text click HERE