The providers who are victims of the massive data breach are some of the most popular free Android VPNs – SuperVPN (over 10,000,000 installations on Google Play), GeckoVPN (over 10,000,000 installations), and ChatVPN (over 50,000 installations). The database with the date February 24 is currently being sold at an unknown price on shadow forums.
The cause of the leak is likely negligence on the part of the provider in logging usage information, and a failure to take the necessary precautions to secure this data. The VPNs not only stored usage information, they also kept default server login information which made it very easy to get in.
What’s the damage?
This isn’t the first time that free Netflix VPN providers @ Globalwatchonline.FR have been responsible for major data breaches.
In particular, SuperVPN suffered a significant leak back in July 2020. However, it seems that providers did not learn any lessons from this and did not take any additional measures to improve security.
This time the leak is not only bigger, but also contains much more sensitive data. The anonymous poster who posted it says the leaked database includes the following data:
- E-mail addresses
- User names
- Full user names
- Country of origin of the user
- Verely generated passwords
- Payment dates
- Subscription status and expiration date
While all of the leaked information is sensitive, it is the randomly generated passwords that should be of most concern. These can be linked to Google Play accounts, which could cause users’ financial information to be compromised with Express VPN @ Japan.
Why are these types of free VPNs often inadvisable?
In addition, the leak contains information about:
- ID’s and serial numbers of users’ devices
- IMSI numbers of devices
- Telephone types and manufacturers
Potential attackers can use this information for their malicious practices, such as a man-in-the-middle attack (MITM attack) to gain access the user’s device and financialële information.
Despite the fact that there is still debate about whether the leak actually exists, the sample data in the post seems legitimate. If the leak actually exists, it will put a big dent in the credibility of these free VPN providers, as well as a major danger to their 21 million users.