Researchers have found serious vulnerabilities in three popular VPN services that can leak users' real IP addresses and other sensitive data.
A Virtual Private Network, or VPN, allows users to securely access a private network and share data remotely over public networks. It protects daily online activity by encrypting data, and it is also useful for concealing your actual IP address.
VPN services are used for online anonymity and data security, while a majority of people use a VPN to hide their real IP addresses and access websites blocked by their Internet Service Providers, thereby avoiding online censorship.
Imagine a situation where a VPN that should protect your privacy is actually leaking your sensitive data and real location.
A team of ethical hackers hired by VPN Mentor has discovered that three popular VPN service providers, Hotspot Shield, PureVPN, and ZenMate, which have millions of customers worldwide, are vulnerable to flaws that could harm users' privacy.
A series of privacy tests was conducted on these three VPN services, and all of them were found to leak their users' real IP addresses, which can be used to identify the users and their actual location.
If a user's original IP address is exposed, governments, hostile organizations or individuals may be able to identify the actual IP address of that user, even when they are using a VPN.
The issues found in ZenMate VPN are less severe than those in Hotspot Shield and PureVPN, even though the issues in ZenMate and PureVPN have not been disclosed.
The team also found three different vulnerabilities in AnchorFree's Hotspot Shield, which have already been fixed by the company. The vulnerabilities are listed below.
Hijack all traffic (CVE-2018-7879): a vulnerability in Hotspot Shield's Chrome extension that could have allowed remote attackers to hijack and redirect a victim's web traffic to a malicious site.
DNS leak (CVE-2018-7878): a DNS leak flaw in Hotspot Shield that exposed users' original IP address to the DNS server. This allows Internet Service Providers to monitor and record their online activities as well.
Real IP Address leak (CVE-2018-7880): a privacy threat to users, since attackers can track a user's real location and ISP. This issue arose because the extension had a loose whitelist for "direct connection."
Researchers found that any URL whose domain contains localhost, e.g., localhost.foo.bar.com, or that contains 'type=a1fproxyspeedtest', bypasses the proxy and leaks the real IP address.
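The loose "direct connection" whitelist described above can be sketched as a routing rule next to a stricter one. This is an added example, not code from the Hotspot Shield extension: the function names, the proxy endpoint and every sample URL other than the page's localhost.foo.bar.com are assumptions made for illustration.

```javascript
// Added illustration of a loose vs. strict "direct connection" rule.
// Not the extension's real code; PROXY is a hypothetical endpoint.
const PROXY = "HTTPS proxy.example.invalid:443";

// Hosts that genuinely never leave the machine.
const LOOPBACK = new Set(["localhost", "127.0.0.1", "[::1]"]);

// Normalise a URL to its lower-cased hostname without a trailing dot.
function hostOf(url) {
  return new URL(url).hostname.toLowerCase().replace(/\.$/, "");
}

// Loose rule as the article describes it: substring tests on the host and
// on the whole URL decide whether the proxy is skipped.
function looseRoute(url) {
  if (hostOf(url).includes("localhost") || url.includes("type=a1fproxyspeedtest")) {
    return "DIRECT";
  }
  return PROXY;
}

// Stricter rule: only an exact loopback hostname goes direct, and nothing
// in the path or query string can influence routing.
function strictRoute(url) {
  return LOOPBACK.has(hostOf(url)) ? "DIRECT" : PROXY;
}

// Audit helper: URLs a rule sends DIRECT although the host is not loopback,
// i.e. requests that would reveal the real IP address to a remote server.
function leakingUrls(route, urls) {
  return urls.filter((u) => route(u) === "DIRECT" && !LOOPBACK.has(hostOf(u)));
}

// Constructed sample URLs (the first hostname is the article's example).
const SAMPLES = [
  "http://localhost.foo.bar.com/",
  "https://example.com/?type=a1fproxyspeedtest",
  "http://localhost:8080/",
  "https://example.com/",
];

console.log("loose rule leaks: ", leakingUrls(looseRoute, SAMPLES));
console.log("strict rule leaks:", leakingUrls(strictRoute, SAMPLES));
```

Running `leakingUrls` over an extension's routing rule with a list of look-alike hostnames is a quick regression check that a bypass list matches exact hosts only.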
Note that the three vulnerabilities mentioned were in Hotspot Shield's free Chrome plug-in, and not in the desktop or smartphone apps.
Similar vulnerabilities were also found in the Chrome plug-ins of ZenMate and PureVPN. It is believed that many other VPN services are likely to suffer from similar issues.