A large number of people have started using VPN services to keep their activities private, but a compromised VPN can be even worse for your anonymity.
One of the leading VPN providers NordVPN has finally admitted that a hacker stole an expired TLS certificate key used to securely connect customers to the company’s web servers.
Apparently other VPN providers were also compromised: https://t.co/RoDRLQlYUK
— undefined (@hexdefined) October 21, 2019
The keys were allegedly stolen and shared among many users in the darker corners of the internet. The attack happened in 2018 in March at the Finnish data centre of a service provider used by the company, exploiting a vulnerability in a remote management interface which NordVPN wasn’t told about.
While someone did access the server, NordVPN stresses that it does not save activity logs, user IDs, or other personal details. An unknown party had full remote control of the server for a period of time, and they could have used that to scoop up data from some users regardless of whether or not anything is stored on the server.
Now the question is, are NordVPN users compromised.
Based on all available evidence, the answer appears to be yes or no both. According to NordVPN, it is a no-logs VPN provider that does not store anything on its servers. So the hacker would not have any access to server logs. Same time we are unable to trust their statements. The breach is likely to cause alarm that hackers may have been in a position to access some user data.
NordVPN said, “no other server on our network has been affected.”
But the security researcher warned that NordVPN was ignoring the larger issue of the attacker’s possible access across the network. “Your car was just stolen and taken on a joy ride and you’re quibbling about which buttons were pushed on the radio?” the researcher said.
It is really a serious matter for all the VPN users. We trust VPN services and we fully rely on them for our security. They should take care of our privacy. Users shouldn’t be compromised at any cost.