Home / News / Well-Known VPN Networks Shown to Leak your Data
Leaked Memo shows Ecuador Internet Censorship system

Well-Known VPN Networks Shown to Leak your Data

Well-known VPN networks like HotSpot Shield, Pure VPN and Zenmate, are leaking user’s information, VPN Mentor discovered this when they researched virtual private networks (VPN). Sensitive data on millions of users are vulnerable, the privacy advocate network found.

Data Leaked

VPN’s help users access websites blocked by their ISP’s, and hide a user’s identity, enhancing privacy and anonymity and circumventing censorship. It is especially dangerous for users when the tools they employ to protect them from surveillance end up assisting hackers to track your ISP address and identifying you. In this way, businesses can become vulnerable to malicious organizations planning to attack them with attempts at distributed denial of service (DDoS).

According to statements made on their blog post, VPN mentor employed three hackers to test HotSpot Shield, Pure VPN and Zenmate.  The hackers found that all of these leaked IP addresses even when they were in use.  This, they concluded, poses a massive security risk.  The identity of two of the hackers is known for their online handles. They are File Descriptor and Paulos Yibelo.  While all of the VPN’s are vulnerable in the Chrome Browser, desktop-and smartphone apps were unaffected.

Hotspot Shield

HotSpot Shield exposed users to three weaknesses.  The first, (CVE-2018-7879) enabled hackers to remotely execute code and could cause a reload of the system. The other two, (CVE-2018-7878 & CVE-2018-7880) exposed user’s IP addresses and DNS addresses, which users expressly attempt to hide by using the VPN.

Fast Reaction

HotSpot Shield quickly fixed the problems, something that VPN Mentor lauded publicly. Their commitment to the protection of their customers was clear to us, VPN Mentor co-founder, Ariel Hochstadt, explained.  They saw the research we did as an opportunity for improvement rather than as criticism.

In the past year HotSpot Shield was caught violating user privacy themselves.  They redirected users to advertising websites, kept activity logs and intercepted web traffic.  The fast and efficient response of HotSpot Shield reported by VPN Mentor will, however, go a long way in salvaging their reputation.

Zenmate and PureVPN

Both Zenmate and Pure VPN exposed users to the same vulnerabilities as HotSpot Shield. Both leaked ISP addresses. Both of these companies, however, failed to react to the research findings, and could consequently not be informed of the specific nature of the loopholes in their product.  Users are advised to pay attention to this and to contact the above VPN networks for updates.

About Ali Raza

Ali Raza is a freelance journalist with extensive experience in marketing and management. He holds a master degree and actively writes about crybersecurity, cryptocurrencies, and technology in general. Raza is the co-founder of SpyAdvice.com, too, a site dedicated to educating people on online privacy and spying.

Check Also

Severe Flaws in Industrial Routers Patched by Moxa

Severe Flaws in Industrial Routers Patched by Moxa

Talos intelligence has revealed 17 vulnerable points in a Moxa industrial router. The company has …

Leave a Reply

Your email address will not be published. Required fields are marked *