Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Using HotSpot Shield for security or Facebook access? Your IP is at risk of being exposed
Researchers have found a serious vulnerability that could leak true IP addresses and other sensitive information on very popular and widely used VPN software.
- VPN theory - What is a virtual private network?
- Useful virtual private networks on Google Chrome
Some people use VPN to browse anonymously or to protect their identity, and many people use them to hide their real IP addresses, bypass censorship and access blocked websites by region. But the bad news is that these software reveal the information you want to hide.
A group of three hackers hired by Mentor VPN revealed that three very popular VPN service providers, the HotSpot Shield, the PureVPN and the Zenmate - with millions of users around the world - turned out to be vulnerable.
After some security tests on these 3 VPN services, the team found that all three leaked the user's real IP, thereby identifying their identity and location.
The PureVPN is also the company that says it has never recorded history, but a few months ago used access history to help the FBI arrest a man in online surveillance.
The issue of Zenmate and PureVPN has not been published in detail because it has not been patched yet, but VPN Mentor said the error on Zenmate is less serious than the HotSpot Shield and PureVPN.
Capital is used to hide IP but users are at risk of being exposed to IP because of VPN software
These are 3 vulnerabilities on HotSpot Shield and have been patched.
- HIjack traffic (CVE-2018-7879) is part of the HotSpot Shield Chrome extension, allowing intrusion and redirection of web traffic to the infected site.
- Leak DNS (CVE-2018-7878) leaks IP users to DNS servers, allowing ISPs to monitor and record activity.
- True IP address leak (CVE-2018-7880) allows hackers to track user locations. This error is due to the whitelist to allow a very loose direct connection. Any domain with localhost such as localhost.foo.bar.com for example, and type = a1fproxyspeedtest in the address bar can bypass proxy and leak real IP.
Note that the above holes are on the Chrome browser utility, not on the mobile application or the software installed on the device.
See more:
- Russia banned proxy services and VPN to block extreme content
- China banned VPN services to build the Great Wall
- The best way to fake IP computer, best
Jessica TannerYou should read it
- Useful virtual private networks on Google Chrome
- Review Hotspot Shield: The fastest VPN available with proprietary technology
- Things you need to know about Private IP addresses
- How 'private' is your virtual private network?
- VPN vulnerabilities and how to check and prevent them
- VPN theory - What is a virtual private network?
- Should I use Hotspot Shield's free VPN?
- What does leak mean?
May be interested
- Minimize the risk of being attacked on Facebook
from the beginning of last month, security companies have recorded a new wave of attacks on facebook social networks with stronger intensity and more sophisticated levels. - Free software for computer protection and privacyworried about security but don't want to lose costs. however, you absolutely get it with 11 free programs in this article.
- 10 free and useful network toolsthese are 10 different applications that are very useful when installing, improving security or use for private or public networks.
- Security when working with Wi-Fi Hotspotin this article we will share some tips to help protect your email, documents and computers safely using wi-fi hotspots.
- The difference between Tethering and Hotspottethering can be done by various means like wifi, bluetooth or usb. tethering often allows sharing this device's internet connection with another device.
- The hard drive contained the information of more than 29,000 stolen Facebook employeesbad luck will still be on facebook until the end of 2019.
- Questions that help you check your Facebook account's security knowledgein this article, join the network administrator to learn about facebook security through the following multiple choice questions.
- How to check your Facebook information is leaked or notdata breach notification service have i been pwned can now check to see if your personal information was exposed in the data leak of more than 500 million facebook users on april 3.
- Is it safe when your ISP uses a router as a hotspot?you must also allow other isp users to use your router as a hotspot. but can people slow down the internet while using it or worse, use it for malicious purposes?
- New hacker tricks, increasingly more sophisticated, to avoid being exposedrecently, security firm fortinet (usa) has released a report on cyber security threats. according to this report, cybercriminals are becoming more and more sophisticated in cloaking and anti-analysis activities to avoid being exposed.
Attack the network
- The CredSSP vulnerability in the RDP protocol affects all versions of Windows
- New dangerous security vulnerabilities appear on iOS 11.2.6, can read messages without unlocking
- The last 9 years Firefox has not protected user passwords carefully
- Detecting vulnerabilities in the QR code reader tool of iOS 11 may trick users into accessing malicious websites
- Many computers in Vietnam have been hijacked due to virus infection
- CertUtil.exe allows an attacker to download malicious code and bypass antivirus software
The CredSSP vulnerability in the RDP protocol affects all versions of Windows
New dangerous security vulnerabilities appear on iOS 11.2.6, can read messages without unlocking
The last 9 years Firefox has not protected user passwords carefully
Detecting vulnerabilities in the QR code reader tool of iOS 11 may trick users into accessing malicious websites
Many computers in Vietnam have been hijacked due to virus infection
CertUtil.exe allows an attacker to download malicious code and bypass antivirus software