Breaking News Today

Over 100 million VPN users at risk of being hacked from vulnerability

Published: (Updated: ) in Australian News by .

A popular tool designed to give users added safety and privacy online could be doing just the opposite.

A popular tool designed to give users added safety and privacy online could be doing just the opposite.

After analysing the top free virtual private networks (VPN) available for download in the Google Play store, security researchers found several popular apps containing critical vulnerabilities.

VPNs give users online privacy and anonymity by creating a private network from a public internet connection, with the technology masking their internet protocol (IP) and offering encrypted connections safer than traditional Wi-Fi hotspots.

Identity theft hacker

The software has also recently seen a surge in popularity for the ability to circumnavigate geo-blocking, meaning users can access content usually reserved for a different geographical location.

Cyber security expert Jan Youngren said the vulnerabilities were exposed by a man-in-the-middle attack (MITM) - a type of eavesdropping attack that occurs when a malicious actor inserts himself as a relay/proxy into a communication session between people or systems. 

"More than 105 million people could right now be having their credit card details stolen, their private photos and videos leaked or sold online, every single minute of their private conversations recorded and sent to a server in a secret location," he explained.

"They could be browsing a fake, malicious website set up by the hacker and aided by these dangerous VPN apps.

"While everything will appear to work normally, and you think that you're being extra safe and secure, you're actually being seriously exposed."

Researchers disclosed these vulnerabilities to all 10 affected VPN apps in October 2019, however they claim only one of the affected apps had issued a patch.  Google has also been advised of the problematic apps found in the Google Play Store.

READ:  Amy Schumer Obviously Kept It Oh-So-Real When Talking About Her Post-Baby Sex Life

Mr Youngren said it was disastrous that VPNs had these vulnerabilities as users are connecting to VPNs in order to increase their privacy and security.

"(VPN users are) more willing to transmit sensitive information on VPN apps than on other apps. For a VPN app to then be so vulnerable is a betrayal of users' trust and puts them in a worse position than if they hadn't used any VPN at all," he said.

Google has been contacted by for comment.

VPN apps listed as 'dangerous':

Source: 9News

Share This
Finance Advice 2021