Editor's note: NordVPN and TorGuard have both published statements on their respective sites providing more details on the incident.
NordVPN, one of the world's most popular VPN providers, has confirmed that it was hacked by an unidentified party as early as March 2018.
Details are still scant but the virtual private network provider has confirmed to Techcrunch that one of its datacenters was penetrated last year.
- These are the best VPN for China
- Check out our list of best VPN for streaming
- Looking for the best VPN for torrenting and torrents?
Laura Tyrell, a spokesperson for NordVPN, told the publication that “One of the datacenters in Finland we are renting our servers from was accessed with no authorization.” While NordVPN has a “zero log” policy that was recently independently audited, one may question the motives of the hacker or hackers.
“The server itself did not contain any user activity logs; none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either,” added the spokesperson.
“On the same note, the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN.”
Two separate VPN issues
The hacker identified an insecure remote management system that was operated by the datacenter provider and had full root access to a container server thanks to an expired TLS certificate.
In the own words of fellow hacker @hexdefined, this allowed “full control of everything in it (presumably including the ability to view and tamper with all network traffic going through it)”.
To make things even more interesting, two other VPN providers, access logs of VikingVPN and Torguard were also published alongside NordVPN on 8Chan, a possible indication that all three providers used the same data center.
- Discover the world's best services with our best VPN guide
Via Techcrunch
No comments yet.