VPN Services Are Leaking IP Address:
Investigator got dangerous vulnerabilities in 3 popular VPN services that could leak people real IP addresses and other sensible information. Virtual Private Network or VPN is a large way to protect your everyday online activities. That work by encrypting your information and boosting protection. As well as useful to obscure your real IP address.
While some take VPN services for online anonymity and information protection. One main reason many people manage VPN is to hide their actual IP addresses. To bypass online censorship and access sites that block by their Internet Service Providers. But what if when the VPN you thinking is protecting your privacy is really leaking your sensitive information and actual location?
Three Ethical Hackers Hired:
A team of 3 ethical hackers hired by privacy advocate firm VPN Mentor. Then the firm announced that 3 popular VPN service providers with millions of clients globally. They see vulnerable to defects that could compromise people privacy. The companies are HotSpot Shield, PureVPN, and Zenmate. PureVPN is the similar company who lied to have a ‘no log’ method. But a few periods ago assisted the FBI with logs that lead to the arrest of a Massachusetts man in a cyberstalking case.
After a set of privacy analyses on the 3 VPN services. The team found that all 3 VPN services are leaking their people actual IP addresses. Which can be applied to identify individual people and their real location. Concerning consequences for end users, VPN Mentor describes that the vulnerabilities could “hostile organizations, or individuals to identify the actual IP address of a user, allow governments, even with the use of the VPNs.”
The subjects in ZenMate and PureVPN have not been published since they haven’t still patched, while VPN Mentor says the subjects discovered in ZenMate VPN were less intense than HotSpot Shield and PureVPN. Then the team found 3 individual vulnerabilities in AnchorFree’s HotSpot Shield. This is set by the company.
Here’s the list:
- Hijack all traffic (CVE-2018-7879):
This vulnerability lived in Hotspot Shield’s Chrome extension and could have supported remote hackers to hijack and redirect users web traffic to a malicious website.
- DNS leak (CVE-2018-7878):
DNS leak defect in Hotspot Shield flashed people real IP address. To the DNS server, supporting ISPs to observe and save their online activities.
- Real IP Address leak (CVE-2018-7880):
This defect poses a privacy warning to people since hackers can trace people actual location and the ISP. The subject happened because the extension had a loose whitelist for “direct connection.” Researchers got that any domain with localhost, e.g., localhost.foo.bar.com, and ‘type=a1fproxyspeedtest’ in the URL bypass the proxy and leaks original IP address.
Here it must be written that all the 3 vulnerabilities were in the HotSpot Shield’s free Chrome plug-in, not on the desktop or phone applications.
However, the researchers also published related vulnerabilities in the Chrome plugins of Zenmate and PureVPN, but for now, the details of the bugs are being kept under wraps since both the producers have not still fixed them. Researchers believe that maximum other VPN services also suffer from related subjects.