21 Million Users of 3 Android VPNs Get Their Personal Details Stolen
The databases of three Android VPN services have been hacked and put up for sale on an online hacker forum. The databases contain sensitive information on around 21 million people, including their authentication credentials and device data.
The VPN services that this information has purportedly been stolen from are SuperVPN, GeckoVPN, and ChatVPN. If the leaked information is in fact genuine, what's even more troubling than the fact that it has been put up for sale is the amount of information these applications can collect from your device, even after claiming in their respective privacy policies that they won't.
What was leaked?
Aside from the user credentials and authentication information, it has also been reported that the databases include user names, full names, country names, email addresses, and payment-related data, as well as the expiration date of premium accounts—among possibly many other data points.
The data also includes randomly generated strings used as passwords, which suggests that the VPN user accounts might be linked to the Google Play Store accounts from which the users downloaded the apps.
The report also mentions that the threat actor behind the uploads is even offering to categorize this data by country for interested buyers.
Pervasive data logging
After analyzing snippets of data from the uploaded database, the team of CyberNews researchers reveals that it also contains information about users' devices, including device serial numbers, device IDs, the type and manufacturer of the phone, and even device IMSI numbers. According to experts, this information, paired with the right expertise, can be used to launch man-in-the-middle (MITM) attacks on other users.
The site said that its team has already reached out to the teams behind the three VPN services but has so far received no comments or answers. That said, it appears that the companies failed to follow basic security procedures that would disable the default database credentials. As a result, the data was publicly accessible.
Unfortunately, the incident is going to have serious repercussions, especially considering that the services in question are three very popular VPN services on Google Play, with 100,000,000+ (SuperVPN), 10,000,000+ (GeckoVPN), and 50,000+ (ChatVPN) installs respectively.