The researchers found critical vulnerabilities in three popular VPN services that could filter users’ real IP addresses and other sensitive data.
VPN, or Virtual Private Network, is an excellent way to protect your daily online activities that work by encrypting your data and increasing security, as well as being useful for hiding your real IP address.
While some choose VPN services for online anonymity and data security, one of the main reasons why many people use VPN is to hide their real IP addresses to bypass online censorship and access websites. blocked by your ISP.
But what if the VPN you think protects your privacy filters your confidential data and your real position?
A team of three ethical hackers hired by the firm defense privacy VPN Mentor revealed that three popular VPN service providers: Hotspot Shield, PureVPN, and Zenmate, with millions of customers worldwide, were vulnerable to flaws that could compromise user privacy.
The team understands application security researcher Yibelo Paulos, an ethical hacker known by his pseudonym ‘file descriptor’ and works for Cure53, and while third-party identities have not been disclosed upon request.
PureVPN is the same company that lied to have a “no record” policy, but a few months ago it helped the FBI with records that led to the arrest of a Massachusetts man in a case of cyberbullying.
After a series of privacy tests on the three popular VPN services, the team found that the three popular VPN services filter the real IP addresses of users, which can be used to identify individual users and their actual location.
Regarding the consequences for end users, VPN Mentor explains that vulnerabilities can “allow governments, hostile organizations [sic] or people to identify a user’s real IP address, even with the use of VPN.”
ZenMate and PureVPN issues were not disclosed as they have not yet been patched, while VPN Mentor says the problems discovered in ZenMate VPN were less severe than HotSpot Shield and PureVPN.
The team identified three separate vulnerabilities in the AnchorFree Shield HotSpot, which were corrected by the company. Here’s the list:
Dirt all traffic (CVE-2018-7879) secular vulnerabilities in the Chrome Hotspot Shield extension and could have allowed remote hackers to hijack Web traffic, and redirect victims to a malicious site.
DNS Loss (CVE-2018-7878) – DNS Loss Error in Hotspot Shield exposed the user’s original IP address to the DNS server, allowing ISPs to monitor and record their online activities.
Actual IP Address Loss (CVE-2018-7880): This error poses a threat to user privacy since hackers can track the user’s and ISP’s real position. the problem occurred because the extension had a loose whitelist for “direct connection”. The researchers found that any domain with localhosts, such as localhost.foo.bar.com and ‘type = a1fproxyspeedtest’ in the URL ignore the proxy and filter an actual IP address.
Here it should be noted that the three vulnerabilities were in Chrome’s free Hotspot Shield add-on, not in desktop or smartphone applications.
The researchers also reported similar vulnerabilities in the add-ons of Zenmate and PureVPN Chrome, but for now, the details of the errors are kept secret since the manufacturers have not solved them yet.
The researchers believe that most other popular VPN services also have similar problems.