Data from 21 million free VPN users leaks on the web


A cyber criminal has published an ad claiming to have a collection containing data from 21 million users of three well-known VPN applications for Android smartphones: SuperVPN, GeckoVPN and ChatVPN. The package, whose price the seller did not disclose, was put up for sale on RaidForums, the same forum where other major leaks have appeared (including what is alleged to be the largest in the history of Brazil).

The three apps are relatively well known on the Play Store: in ascending order, ChatVPN has more than 50 thousand downloads, GeckoVPN has 10 million installations and SuperVPN has 100 million. This last service, incidentally, already caused controversy last year after researchers issued a warning about serious vulnerabilities that made it “incredibly dangerous”.

To prove that he has such a collection, the seller made available three samples with random data. They show that the following information was compromised: e-mails, usernames, full names, country of origin, parts of passwords, payment method data (for Premium accounts), Premium account status and details about the device used (serial number, manufacturer, model, ID and IMSI, similar to IMEI).

The criminal also points out that he can provide free samples of users in a particular country at the request of an interested party, but the total price of the package is only revealed in private. Cybernews contacted the three companies responsible for developing the affected VPNs, but had received no response from any of them by the time this report was finalized.

The danger of free VPNs

Obviously, any data leak is highly damaging and means that, somehow, a malicious actor has managed to enter computer environments he was not authorized to access, either by exploiting a vulnerability or by using social engineering techniques. However, this particular case underscores a classic security guideline on the web: avoid using free VPNs.

A VPN service (short for virtual private network) aims to protect user privacy by "encrypting" the communication tunnel between your device and the website server accessed. That way, neither criminals, nor government agents, nor even your internet provider would be able to spy on your web browsing.

The problem is that many Internet users do not see paying for a good VPN as a necessary investment and resort to free alternatives, which are not always safe. One of the main problems with apps that are available for free is that they tend to capture much more personal data from users than is appropriate and to keep logs, that is, a history of everything that is being accessed.

Ultimately, if your free VPN's servers are compromised, browsing the web in encrypted form is useless, as attackers will have access to this history anyway.

And now?

There is no way to say, a priori, how badly the three VPN services were compromised; however, with device details and account information, a malicious agent would already be able to identify you and carry out a man-in-the-middle attack (in which the scammer continuously monitors your connection and steals, for example, information filled in a form or your internet banking password).

The recommendation, for now, is that users of SuperVPN, GeckoVPN and ChatVPN uninstall the application and use personal monitoring services to find out, through their email address, whether their account on these platforms is part of the leak. It is also crucial to be on the lookout for any email communication using the names of these three brands, as it may be phishing.
