The database of registered users of GeckoVPN, SuperVPN and ChatVPN is put up for sale on the shadow forum.
The user databases of three popular Android VPN services have been hacked, and now millions of user records are up for sale online. This is reported by techradar.com.
In total, the database for sale contains twenty-one million records containing user registration information. In addition to authentication information, the databases also include email addresses, payment-related data, and the expiration date of premium accounts. The attacker also reportedly offers to sort the data by country for potential buyers.
A team of researchers, looking at fragments of databases, found that the leak also contains information about the user's devices. According to the researchers, with the appropriate know-how, the leaked information can be used to launch man-in-the-middle (MITM) attacks. on unsuspecting users.
The researchers contacted SuperVPN, GeckoVPN and ChatVPN and asked them to confirm or deny the authenticity of the leak, but they did not receive any comments from the companies.
If you believe the hacker, the databases were public, and the companies didn't even follow the basic security procedure to disable the default database credentials.
This news is bound to have major implications for the entire industry, especially given the fact that the target providers are among the most popular VPN providers.
The user databases of three popular Android VPN services have been hacked, and now millions of user records are up for sale online. This is reported by techradar.com.
In total, the database for sale contains twenty-one million records containing user registration information. In addition to authentication information, the databases also include email addresses, payment-related data, and the expiration date of premium accounts. The attacker also reportedly offers to sort the data by country for potential buyers.
A team of researchers, looking at fragments of databases, found that the leak also contains information about the user's devices. According to the researchers, with the appropriate know-how, the leaked information can be used to launch man-in-the-middle (MITM) attacks. on unsuspecting users.
The researchers contacted SuperVPN, GeckoVPN and ChatVPN and asked them to confirm or deny the authenticity of the leak, but they did not receive any comments from the companies.
If you believe the hacker, the databases were public, and the companies didn't even follow the basic security procedure to disable the default database credentials.
This news is bound to have major implications for the entire industry, especially given the fact that the target providers are among the most popular VPN providers.