HUMAN, a cybersecurity firm, has identified a series of VPN apps that enroll user devices into a proxy network through a Golang library dubbed PROXYLIB. This operation was first revealed in May 2023 when a single free VPN application, Oko VPN, was found to exhibit malicious behavior and subsequently removed from the Play Store.
Source: GBHackers