Millions of VPN users at risk of hacking - here's what you need to know

[duddy]

Millions of VPN users at risk of hacking - here's what you need to know

 

After analyzing the top free VPNs available on the Google Play Store, security researchers have discovered that several contain critical vulnerabilities.

 

VPNPro's investigation found that the app SuperVPN Free VPN Client, which has over 100m installs, contains critical vulnerabilities that open users of the app up to man-in-the-middle (MITM) attacks. 

 

By exploiting these vulnerabilities, a hacker can easily intercept all of the communications between a user and the VPN provider to find out exactly what the user is doing online.

 

• Security flaws found in top free VPN Android apps
• Ethics and VPN: the industry needs to aim higher
• The hidden truth behind ‘unlimited’ or ‘lifetime’ VPNs

 

According to VPNPro, nearly 105m users who have installed SuperVPN Free VPN Client could be at risk of having their credit card details stolen, their private photos and videos leaked or sold online or their conversations recorded. To make matters worse, of the top free VPN apps analyzed by its security researchers, 10 other apps contained similar vulnerabilities.

 

Free VPN apps

 

 

Besides SuperVPN Free VPN Client, the other free VPN apps that VPNPro found to have vulnerabilities include TapVPN Free VPN, Best Ultimate VPN – Fastest Secure Unlimited VPN, Korea VPN – Plugin for Open VPN, VPN Unblocker Free unlimited Best Anonymous Secure, Super VPN 2019 USA – Free VPN, Unblock Proxy VPN, Wuma VPN-Pro (Fast & Unlimited & Security), VPN Download: Top, Quick & Unblock Sites, Secure VPN – Fast VPN Free & Unlimited VPN and Power VPN Free VPN.

 

Cybersecurity expert at VPNPro, Jan Youngren explained to 9News that using a free VPN could actually leave users less protected than not using one at all, saying:

"(VPN users are) more willing to transmit sensitive information on VPN apps than on other apps. For a VPN app to then be so vulnerable is a betrayal of users' trust and puts them in a worse position than if they hadn't used any VPN at all."

 

VPNPro disclosed these vulnerabilities to the developers of all 10 affected VPN apps back in October in order to give them enough time to fix these issues. However, only one VPN app, Best Ultimate VPN, responded and patched the vulnerabilities.

 

Source

 

 

 

[halvgris]

if you live in any censored country like china, north korea etc.

use qubes os with the free vpn connection since it isolates

each session.

 

some of the top 10 vpn providers you can get for as little as 12

usd a year. won't name which since i'm not affiliated or endorse

a vpn company. i do however endorse vpn use especially when

you connect to an unknown network i.e. macdonalds etc.