1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Millions of free VPN user records leaked

    From TechnologyDaily@1337:1/100 to All on Mon Jun 27 17:00:04 2022
    Millions of free VPN user records leaked

    Date:
    Mon, 27 Jun 2022 15:52:12 +0000

    Description:
    Unprotected almost 20GB Bean VPN database contained sensitive user information.

    FULL STORY ======================================================================

    Free Virtual Private Network ( VPN ) service provider Bean VPN, has leaked personally identifiable information on millions of its users, researchers
    have found.

    Cybersecurity researchers from Cybernews stumbled upon a database with more than 18GB of connection logs generated by the app.

    The database, discovered by the researchers during a routine checkup using ElasticSearch, reportedly contained more than 25 million records, including details such as device IDs, Play Service IDs, IP addresses, connection
    stamps.

    Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 . Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/10.99. De-anonymizing people

    All of these items, the researchers said, could be used to establish the
    users true identities:

    "The information found in this database could be used to de-anonymize Bean VPN's users and find their approximate location using geo-IP databases. The Play Service ID could also be used to find out the user's email address that they are signed in to their device with," Cybernews security researcher, Aras Nazarovas, said.

    The app, which is not available on Apples app repository, has more than
    50,000 downloads on the Google Play Store - where it appears to have been pulled from. Read more

    China is finally loosening some rules on VPN services


    Russia is spending big on VPN


    VPN downloads in Russia have skyrocketed

    However on its website, the company says it doesnt keep user activity logs, including no logging of browsing history, traffic destination, data content
    or DNS queries.

    It also says it doesnt collect IP addresses, outgoing VPN IP addresses, timestamps or the durations of sessions which, as Cybernews report suggests, is not true.

    VPNs are a popular tool used to preserve ones privacy when going online. By hiding the endpoints true IP address and location, the user can circumvent various censorships and geographical blockades. Ever since Russia invaded Ukraine, its government blocked its citizens from accessing western media outlets, which triggered an enormous spike in VPN downloads in the country.

    VPNs are also very popular in China, where people use it to bypass the Great Firewall of China.

    Via: Cybernews



    ======================================================================
    Link to news story: https://www.techradar.com/news/millions-of-free-vpn-users-records-leaked/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)