NordVPN a well known company that offers VPN (Virtual Private Network) services has confirmed that it was hacked. NordVPN admitted that some of its servers had been breached last year in March 2018. The news comes after rumors surfaced that NordVPN’s servers had been hacked. Problems had first arisen when hackers discovered that NordVPN was using expired internal private key’s this allowed hackers to use their own servers to imitate NordVPN’s services.
In March 2018 hackers exploited one of NordVPN’s servers, the server in question was hosted in a datacentre in Finland by targeting an insecure remote management system that was incorrectly managed and left insecure by the data center provider. The popular VPN company said that it did not acknowledge that a remote management system of this type even existed. NordVPN has not disclosed the name of the data center involved. NordVPN confirmed that it had installed an intrusion detection system that will detect breaches early on, a spokesperson from NordVPN said “no-one could know about an undisclosed remote management system left by the data center provider. NordVPN said the expired private key that was exploited by the attacker could not have been used to decrypt traffic on the VPN server any other server.
Speculation of NordVPN’s defensive security policy has been questioned by security researchers who believe the VPN company has been focusing too many resources towards there ad campaign rather than taking their defensive security policy seriously. Security Researcher – “They spent millions on ads, but apparently nothing on effective defensive security.
VPN’s are very popular they are designed to protect your privacy online by routing and encrypting data that is sent over your network. VPN’s can circumvent your ISP (Internet Service Provider) from snooping on your internet history VPN are popular among journals, activists and pretty much anyone who wants to hide there internet search history from there ISP and hackers. Although your ISP won’t be able to see your internet search history your VPN provider will be able to this has left many privacy-focused users wondering if it’s clear enough what data VPN providers could be logging.
VPN’s services that are hosted offshore or do not keep logs are the most popular. NordVPN says that it does not keep logs of its user’s data https://nordvpn.com/features/strict-no-logs-policy/
Currently, this policy is inadequate as attackers might have been able to access some user data.
NordVPN – “The server itself did not contain any user activity logs; none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either,” said the spokesperson. “On the same note, the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN.”
NordVPN is recommended and has been featured on a lot of well-known tech blogs and youtube channels such as TechRadar and PCMag. CNET
It has been suggested in an online post that some other VPN providers might have also been hacked. TorGuard and VikingVPN could have also been targeted around a similar time. TorGuard told TechCrunch that only a “single server” was compromised in 2017 but denied that any VPN traffic was accessed. TorGuard also put out an extensive statement following a May blog post, which first revealed the breach.
Sources: https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/