Vulnerability Discovered That Exposes Real IP-Addresses Of "Vpn Users"


We live in a world where everything we say, everything we do, everyone we talk to, everything we watch on the internet, every expression of creativity, or love, or friendship is recorded.We can be tracked by a many different organizations. 
By simply visiting a website can allow its operators to figure out your general physical location, identify details about your device information, and install advertising cookies that can track your movements around the Web.

So we often use VPN to hide our IP address while surfing the internet to maintain online anonymity, to access geo-restricted content, Bypass Government Censorship, Torrent Downloading(in some countries).

But a new vulnerability discovered can reveal real IP-addresses of VPN users with relative ease. The issue, that affects all VPN protocols and OS, was uncovered by "Perfect Privacy" who alerted many affected VPN providers to the threat before making it public.

For the past many years interest in encrypted and anonymous communications has increase to a far wider audience.VPN suppliers are significantly prominent among BitTorrent users, who by default broadcast their IP-addresses to many individuals once downloading a preferred file.

The goal of VPN is to protect one’s ISP IP-address, however a freshly discovered vulnerability shows that this can be simply bypassed on some providers.

The problem, uncovered by VPN provider Perfect Privacy, is a port forwarding trick. If an hacker/attacker uses a similar VPN than the victim actual IP-address is exposed by forwarding traffic on a particular port.

The security flaw affects all VPN protocols together with OpenVPN and IPSec and applies to all OS.

“Affected are VPN providers that provide port forwarding and don't have any protection against this specific attack,” Perfect Privacy notes.

For example, if an attacker activates port forwarding for the default BitTorrent port then a VPN user on a similar network can expose his or her real IP-address.

The same is true for normal internet traffic, however in this case the attacker needs to direct the victim to a page that connects to the forwarded port, as Perfect Privacy explains it.

The vulnerability affected many VPN providers, who were warned last week. This includes Private Internet Access (PIA), Ovpn.to and nVPN, who have all fixed the problem before public disclosure.

PIA’s Amir Malik said that their fix was comparatively easy and was enforced swiftly once they were notified.

“We enforced firewall rules at our VPN server level to block access to forwarded ports from clients’ real ip addresses. The fix was deployed on all our servers within twelve hours of the initial report,” 
In addition, PIA complimented Perfect Privacy for responsibly revealing the vulnerability before disclosing it public and awarded their competitor with a $5,000 bounty under its Whitehat Alert Security Program.

Post a Comment

0 Comments