Blacklisted VPNs: The Worst VPNs You Should Avoid at All Costs

A deep dive into the most unreliable VPNs in 2025. Learn which VPN services to avoid—and why—based on data logging, malware risks, security breaches, and shady business practices.

Blacklisted VPNs: The Worst VPNs You Should Avoid at All Costs

Let’s be real—some VPNs are worse than having no VPN at all. They might leak your IP, fill your device with trackers, or sell your bandwidth to shady networks. Others just flat-out don’t work. And then there are those that claim to be VPNs but turn out to be scams. This list calls out the biggest offenders so you know which ones to avoid in 2025.

🚨 VPNs to Avoid in 2025

Here’s a breakdown of the most problematic VPNs based on real-world testing, user reports, and security incidents:

  • Hola VPN – Uses your device as an exit node for strangers, logs data, accused of spyware, resells bandwidth through Luminati.
  • Hoxx VPN – Weak encryption, tracks your activity, fails leak tests.
  • Hotspot Shield (Free) – Logs personal data, uses ad injectors, redirects traffic to e-commerce partners.
  • Psiphon VPN – No kill switch, DNS leaks, exposed user IPs.
  • PureVPN – Previously handed user data to the FBI, leaks IP and DNS, unclear ownership links to Ivacy.
  • SuperVPN – Suffered massive data breaches (360M+ records), flagged for MITM vulnerabilities.
  • Touch VPN – Constant server failures, collects personal data.
  • VPNBook – No app, clunky manual config, extremely slow.
  • EarthVPN – Website and app are broken or non-existent.
  • VPNArea – Poor user experience, possible service abandonment.
  • Thunder VPN – Logs user data, vague ownership, part of free VPN clusters based in China.
  • iProVPN – Glitchy apps, unreliable servers.
  • Flow VPN – Excessive data logging, outdated design.
  • Betternet – Malware infection, tracks users, embedded with 14 third-party tracking libraries.
  • HideMyAss (HMA) – Shared user data with law enforcement, slow refunds, based in UK (5 Eyes).
  • Ivacy VPN – Questionable refund terms, fake server locations, linked to PureVPN.
  • Opera VPN – Not a true VPN, just a proxy with logging policies and traffic sharing.
  • VPN Master – Numerous variants with malware, tied to Chinese data harvesting firms.
  • VPNSecure – Based in 5 Eyes, leaks DNS, suspected of using residential IPs for routing.
  • Windscribe – Left servers unencrypted, leaked private keys in Ukraine, admitted not following best practices.

Why These VPNs Are Problematic

Here are the most common issues we found with the VPNs above:

  • Leaks and Exposures: Many of these VPNs leak DNS or IP info, which defeats the purpose of using a VPN.
  • Malware Risks: Some apps include malware or tracking scripts.
  • Data Logging and Selling: A lot of free VPNs log your data and send it to third parties or sell it outright.
  • Security Breaches: Multiple VPNs have suffered massive data leaks, leaving user info exposed.
  • Fake or Misleading Services: A few, like MySafeVPN, don’t even operate real VPN servers.
  • Shady Jurisdictions: VPNs in 5 Eyes countries (like the US, UK, Australia) can be compelled to share user data.

The Risks of Free VPNs

Using a free VPN might sound great, but many of them are packed with dangers:

  • 84% leak your IP address
  • 82% try to access sensitive data
  • 75% include third-party trackers
  • 38% contain malware
  • 18% don’t even encrypt your traffic

These aren’t just bad stats—they’re reasons to stay far away.

Safer (Free) VPN Options

Not all free VPNs are bad. Here are a few that are more trustworthy and supported by premium models:

  • Proton VPN (Free) – Unlimited data, good privacy policies.
  • hide.me – 10GB/month and zero-logs on free servers.
  • PrivadoVPN – 10GB/month, strong no-logs policy.
  • TunnelBear – 2GB/month with friendly apps and transparency reports.

Our Take on Paid VPNs

Paying a few dollars a month is worth it for real protection. These VPNs don’t log your data, pass independent audits, and offer fast, secure apps:

  • Proton VPN – Our top choice, no logs, outside of 5/9/14 eyes.
  • hide.me – Zero-logs, 30-day money-back guarantee.
  • Mullvad – Privacy-first; doesn’t even ask for your email.
  • NordVPN – Great overall combo of privacy, speed, and usability.
  • Surfshark – Affordable and allows unlimited devices.
  • ExpressVPN – Trusted, simple to use, and secure.
  • CyberGhost – Easy for beginners, with a large server list.

Final Word

If your VPN is on this list, it might be time to switch. And if you’re relying on a free VPN without checking its privacy practices, think twice. Some of the most downloaded apps are the most dangerous. Your data deserves better.

To test your current VPN, run IP and DNS leak checks. If something looks off, ditch it. And don’t forget: just because a VPN is popular or has good app store ratings doesn’t mean it’s safe.

Need help picking a better one? I’ve got recommendations based on what matters most—your privacy.