en

Hacker Breached Servers Belonging to Multiple VPN Providers from freemexy's blog

Servers belonging to the NordVPN and TorGuard VPN companies were hacked and attackers stole and leaked the private keys associated with certificates used to secure their web servers and VPN configuration files. unblock websites

Over the weekend, security researcher hexdefined tweeted that NordVPN, of which we are an affiliate, was compromised as the private keys for their web site certificate were publicly leaked on the Internet.While this certificate is now expired, if this certificate was used prior to expiration it could have allowed an attacker to create a convincing site that impersonates NordVPN through the use of their certificate. More advanced attackers could have also used this key to perform man in the middle attack (MiTM) to listen in on encrypted communications.

In addition to the web site certificate, the Twitter account for OpenVPN provider CryptoStorm.is posted a link to an 8chan post where a person hacker claimed to have full root access to servers belonging to NordVPN, TorGuard, and VikingVPN.

This allowed the attacker to steal OpenVPN keys and configuration files as shown by the image below of the NordVPN hack. CryptoStorm.is stated that by stealing these keys, it could have allowed an attacker to decrypt traffic at the time of the hack.This same 8chan post also links to the output of hacks on a server belonging to TorGuard where a Squid proxy certificate and OpenVPN keys and configuration files were stolen.

According to a statement issued by NordVPN, the attacker was able to gain access to their servers through an insecure remote management tool deployed by their datacenter.

They further state that the stolen TLS certificate for a "squid proxy cert which has not been valid on the TorGuard network since 2017."

While, they do not go into details as to how the server was hacked, they do state that there was "repeated suspicious activity" at the reseller they were renting the server from and that they no longer work with them.

TorGuard further stated that the compromised server is related to a lawsuit they filed against NordVPN in 2019.When comes to the issue of online privacy and security, we suggest to use a VPN, and our recommendation is RitaVPN.Qwer432
http://www.vpnsnetflix.net/
http://www.buysecurevpn.com/


The Wall

No comments
You need to sign in to comment