NordVPN, one of the world's most popular VPN providers, confirmed that it had been hacked by an unidentified party since March 2018.
Details are still scant, but the virtual private network provider confirmed to Techcrunch that one of its data centers had been penetrated last year.
Laura Tyrell, a NordVPN spokeswoman, told the publication: "One of the data centers in Finland that we rent our servers from has been accessed without permission." Although NordVPN enforces a recently independently audited "zero logging" policy, one may wonder. The motivations of hackers or hackers.
"The server itself did not contain any logs of user activity." None of our applications that send user-created credentials for authentication, usernames and passwords cannot be intercepted, "the spokesperson added.
"Along the same lines, the only way to abuse website traffic was to perform a complex, custom man-in-the-middle attack to intercept a single connection attempting to access NordVPN."
Two different VPN problems
The hacker identified an insecure remote management system that was operated by the data center provider and had full access to a container server through an expired TLS certificate.
In the words of hacker @hexdefined, this allowed "total control of everything it contained (including the ability to view and manipulate all network traffic that passes through it")) ".
To make things even more interesting, two other VPN providers, access logs VikingVPN and Torguard, have also launched alongside NordVPN on 8Chan, which could indicate that all three providers are using the same hub. of data.
Via Techcrunch
- Discover the best services in the world with our best VPN guide