VPN data leak took a place, which leads to shadow forums that sell data on 21 million Android VPN users, according to security experts. The database includes information about e-mail, passwords and logins, as well as the mobile device from which the application was used. Among the compromised resources were GeckoVPN, ChatVPN and SuperVPN, whose data had already been compromised by leaks.
The database contains email addresses, user logins, data on mobile devices, including serial number, device type and brand. It also contains information about paying for premium accounts.
The leak was discovered by cybersecurity experts of the news portal CyberNews. As it became known, users of such services as GeckoVPN, SuperVPN and ChatVPN were hit.
It’s worth noting that these apps are among the most popular on Google Play.
Thus, users of the store have downloaded SuperVPN more than 100 million times, and the number of downloads for GeckoVPN and ChatVPN is 10 million and 50 thousand, respectively.
VPN services are designed to protect users’ online privacy. They are designed to anonymize user data, protecting them from cybercriminals and stalkers. In addition, these applications allow customers to spoof their real IP address and, with the help of this, visit Internet resources blocked in the country.
In addition, they note that the leakage of user information occurred as a result of negligence on the part of the VPN service developers. The service owners simply did not change the default passwords on their database servers, which led to dire consequences.
This is not the first time that VPN user data has been leaked to the network.
So, in July 2020, another large-scale leak occurred: then more than 20 million people became victims, among whom were also Russians.
Information from users of seven VPN services was hit – UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN. At the same time, the total amount of personal data that was in the public domain amounted to 1.2 TB.
According to cybersecurity experts, cybercriminals can use the information stored in the database for phishing and man-in-the-middle attacks. This type of attack implies that the hacker puts his tools between the victim and the target resource, intercepting the user’s web sessions. Thus, an attacker can obtain information such as passwords and CVV codes of bank cards.
In addition, some victims of the negligence of VPN owners may end up in jail, as such services are often used by people living in authoritarian countries with repressive policies. De-anonymized, they will be an easy target for local authorities.
Free – is not the best option when it comes to your online security, try out VPN Super Unlimited Proxy and feel safe for your data!