1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Many top VPN apps can be hacked and almost totally ruined by this

    From TechnologyDaily@1337:1/100 to All on Tue May 7 16:45:12 2024
    Many top VPN apps can be hacked and almost totally ruined by this attack

    Date:
    Tue, 07 May 2024 16:29:32 +0000

    Description:
    TunnelVision has been around for more than two decades, and was possibly abused by hackers in the past.

    FULL STORY ======================================================================

    Cybersecurity researchers from Leviathan Security have flagged a potentially major security concern around VPN services.

    The team recently uncovered a vulnerability that forces almost all such apps to send and receive traffic outside the VPN tunnel, which is essentially
    their entire purpose.

    The findings on the flaw, named TunnelVision, were published in a blog post , which also states that so far, there is no straightforward solution to the problem. It further claims that the vulnerability existed since at least
    2002, and is highly likely that hackers found it, and abused it in the wild, already. TunnelVision

    As per the blog post, if the attacker has control over the network the victim is connecting to, they can configure the DHCP server that allocates IP addresses. Malicious entities connecting as unprivileged users can set up their own DHCP server, as well, to the same result.

    This feature is called option 121, and allows the server to gain priority
    over the default routing rules that send VPN traffic through a local IP address that triggers the encrypted tunnel. Consequently, all of the
    traveling data is going to the DHCP server itself, wont be encrypted by the VPN, and will be viewable to the attacker.

    VPN apps running on the majority of popular operating systems these days are all vulnerable, the researchers said. Theyve observed one mitigation, and
    seen a fix on Linux. However, the mitigation opens up the possibility of a side-channel attack, which is a major vulnerability in its own right.

    Removing support for DHCP is not the solution either, because this could
    break Internet connectivity in some legitimate cases, they added. The strongest recommendation we have is for VPN providers to implement network namespaces on operating systems that support them, the researchers concluded. Android is the only OS unaffected by this flaw since it doesnt implement option 121 to begin with. More from TechRadar Pro Yet another Ivanti VPN critical security flaw is being exploited, so patch now Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/many-top-vpn-apps-can-be-hacked-and-alm ost-totally-ruined-by-this-attack


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)