发新话题
打印

Why is a free VPN dangerous for your security?

Why is a free VPN dangerous for your security?

Why is a free VPN dangerous for your security?
任何通过真实域名访问的,需要用户注册、在线支付的服务都不可靠,并且最后一个出口属于自己才是最安全的服务。


In total, the database contains 21 million records containing email addresses, passwords, usernames

When choosing a VPN service it is very important to pay attention to several criteria, one of them being the tariffs. Imagine: VPN server maintenance and service are quite expensive for provider companies. Why would an unknown company offer you a free service if it could not get anything in return? The answer is simple - they sell customer data and make a profit this way.


One of the biggest Android VPNs hacked? Data of 21 million users from 3 Android VPNs put for sale online
A user on a popular hacker forum is selling three databases that purportedly contain user credentials and device data stolen from three different Android VPN services – SuperVPN, GeckoVPN, and ChatVPN – with 21 million user records being sold in total.

The VPN services whose data has been allegedly exfiltrated by the hacker are SuperVPN, which is considered as one of the most popular (and dangerous) VPNs on Google Play with 100,000,000+ installs on the Play store, as well as GeckoVPN (1,000,000+ installs) and ChatVPN (50,000+ installs).
The forum user is selling deeply sensitive device data and login credentials – email addresses and randomly generated strings used as passwords – of more than 21 million VPN users for an undisclosed sum.
We reached out to SuperVPN, GeckoVPN, and ChatVPN and asked the providers if they could confirm that the leak was genuine but we have received no responses at the time of writing this report.
To see if any of your online accounts were exposed in previous security breaches, use our personal data leak checker with a library of 15+ billion breached records.
What was leaked?The author of the forum post is selling three archives, two of which allegedly contain a variety of data apparently collected by the providers from more than 21,000,000 SuperVPN, GeckoVPN, and ChatVPN users, including:
  • Email addresses
  • Usernames
  • Full names
  • Country names
  • Randomly generated password strings
  • Payment-related data
  • Premium member status and its expiration date
The forum post author is also offering potential buyers to sort the data by country. The random password strings might indicate that the VPN user accounts could be linked with their Google Play store accounts where the users downloaded their VPN apps from.
Example of VPN user data put for sale on the hacker forum:

Based on the samples we saw from the second archive, it appears to contain user device information, including:
  • Device serial numbers
  • Phone types and manufacturers
  • Device IDs
  • Device IMSI numbers

The threat actor claims that the data has been exfiltrated from publicly available databases that were left vulnerable by the VPN providers due to developers leaving default database credentials in use.
If true, this is an incredible blow to user security and privacy on the part of SuperVPN, GeckoVPN, and ChatVPN. And, in the case of SuperVPN, this blow is not the first.
The danger of using VPNs that log your dataIf the data sold by the threat actor is genuine, it appears that the VPN providers in question are logging far more information about their users than stated in their Privacy Policies.
SuperVPN Privacy Policy
It is also worth pointing out that the attackers might have gained full remote access to the VPN servers.
With deeply sensitive device information such as device serial numbers, IDs, and IMSI numbers in hand, threat actors that have access to the data contained on the compromised VPN servers can get hold of that data and carry out malicious activities such as man-in-the-middle attacks and more.
In theory, one of the main points of using a VPN is to encrypt your internet traffic and protect your privacy from the prying eyes of third parties, such as ISPs, repressive governments, or threat actors.
This is why, when choosing a VPN, users should always make sure that the VPN in question does not log their online activities or collect any other data about them. Otherwise, data stolen from VPNs that log their users’ information can be used against those users by threat actors.
This is particularly true for free VPNs, many of which claim they don’t log user data, but are time and again proven to collect and sell information about their users to third parties. That’s not to say that all free VPNs are guilty of data logging, although reputable free VPNs are definitely in the minority.
And, as this leak has shown, stolen credentials and device data can be the dire cost of choosing the wrong VPN provider.

原文: https://cybernews.com/security/one-of-the-biggest-android-vpns-hacked-data-of-21-million-users-from-3-android-vpns-put-for-sale-online/

[ 本帖最后由 linda 于 2021-5-17 01:47 编辑 ]

TOP

发新话题