Privacy vulnerability exposes VPN users’ real IP addresses
Fri 27 Nov 2015
A major security flaw which reveals VPN users’ real IP addresses has been discovered by Perfect Privacy (PP). The researchers suggest that the problem affects all VPN protocols, including IPSec, PPTP and OpenVPN.
VPN users use the tool to hide their computer’s IP address online, commonly at platforms such as BitTorrent. However, PP now claims that their real identities can easily be unmasked, posing huge potential privacy and legal risks.
The technique involves a port-forwarding tactic whereby a hacker using the same VPN as its victim can forward traffic through a certain port, which exposes the unsuspecting user’s IP address. This issue persists even if the victim has disabled port forwarding.
“We have discovered a vulnerability in a number of providers that allows an attacker to expose the real IP address of a victim. ‘Port Fail’ affects VPN providers that offer port forwarding and have no protection against this specific attack,” PP explained in a blog post yesterday. It reassured its customers that all PP users are protected from the attack.
The only requirement is that the attacker has port forwarding enabled on the same VPN network as its target. A phishing link or laced image file, for example, is then sent to the victim which leads the traffic to a port under the hacker’s control.
PP discovered that five out of nine prominent VPN providers that offer port forwarding were vulnerable to the attack. The company has since notified the affected before disclosing the vulnerability publicly.
Having only carried out limited tests, PP expects that there remains a potential threat through this security flaw across other VPN providers.
To mitigate the attack, PP suggests that VPN companies should implement firewall rules at the VPN server level in order to block access to forwarded ports from users’ real IP addresses.