Many VPNs are vulnerable to hackers and hijackers, according to PC World and Top10VPN

Some key points from PC World:

  • Vulnerability Increase: The study reports a 47% increase in VPN vulnerabilities in 2023 compared to previous years, with a notable rise in confidentiality breaches and severity of vulnerabilities.
  • Impact: These vulnerabilities primarily affect enterprise VPNs rather than those used by individual consumers, impacting businesses and corporations more directly.
  • Affected Vendors: Cisco, Zyxel, and SoftEther were identified as the most affected VPN vendors in 2023, indicating that even well-known vendors are not immune to these issues.
  • Vulnerability Types: The vulnerabilities include various types such as code execution, injection, denial of service, privilege escalation, and information disclosure, which could be exploited by attackers.
  • Security Recommendations: The study underscores the need for regular updates, implementation of two-factor authentication, and vigilant monitoring to counter these risks.
  • Projections: The study predicts a further 22% increase in VPN vulnerabilities for 2024, suggesting ongoing security challenges for VPN providers.
  • Data Analysis: The analysis was based on data from the American National Vulnerability Database (NVD) using the Common Vulnerabilities and Exposures (CVE) system. The study used the Common Vulnerability Scoring System (CVSS) to evaluate the severity of these vulnerabilities.

Source: Many VPNs are vulnerable to hackers and hijackers, study claims | PCWorld

According to Top10VPN, the affected tunneling protocols are IPIP/IP6IP6, GRE/GRE6, 4in6, and 6in4.

How does this affect NordVPN, ExpressVPN, Surfshark and ProtonVPN? Here’s an overview of the VPN tunneling protocols each of them uses:

    • NordVPN:
      • NordLynx (based on WireGuard): This is NordVPN’s proprietary implementation of the WireGuard protocol, which they use as their default protocol for its speed and security.
      • OpenVPN: NordVPN supports OpenVPN, offering both UDP and TCP variants for flexibility and security.
      • IKEv2/IPSec: This is another protocol supported by NordVPN, particularly suited for mobile users due to its quick reconnection capabilities.
    • ExpressVPN:
      • Lightway: This is ExpressVPN’s own protocol designed for speed, security, and reliability. It’s the default protocol in their applications.
      • OpenVPN: ExpressVPN supports OpenVPN, providing options for both UDP and TCP connections.
      • L2TP/IPSec: Although not commonly recommended due to performance and firewall issues, ExpressVPN does support this for legacy systems or specific use cases. However, it’s not supported in their apps.
    • Surfshark:
      • WireGuard: Surfshark supports WireGuard, known for its speed and efficiency.
      • OpenVPN: They offer OpenVPN, giving users the choice between UDP for speed or TCP for reliability.
      • IKEv2: This protocol is supported for those needing quick reconnections, especially on mobile devices.
    • ProtonVPN:
      • WireGuard: ProtonVPN utilizes WireGuard for its speed and security benefits.
      • OpenVPN: Both UDP and TCP versions of OpenVPN are available in ProtonVPN’s apps.
      • IKEv2: This protocol is offered for enhanced security on mobile devices.
      • Stealth: A proprietary protocol by ProtonVPN based on WireGuard, designed to bypass censorship and enhance privacy.

Based on the information available, none of these providers uses the problematic protocols (IPIP/IP6IP6, GRE/GRE6, 4in6, 6in4) among its standard offerings. This suggests that these protocols are not commonly used by modern VPN services, whether because of security concerns or because they have been superseded by more modern protocols.
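
To check captured traffic or a gateway for the protocols Top10VPN lists, it helps to map each name to what appears on the wire. The following Python code is an added example, not code from PC World, Top10VPN or any vendor: it classifies a raw IP packet by outer IP version and IANA protocol number (4, 41 and 47), and its function names and sample packets are constructed for illustration.

```python
import struct

# (outer IP version, IANA protocol number) -> name used in the list above.
# 4 = IPv4 encapsulation, 41 = IPv6 encapsulation, 47 = GRE.
TUNNELS = {(4, 4): "IPIP", (4, 41): "6in4", (4, 47): "GRE",
           (6, 4): "4in6", (6, 41): "IP6IP6", (6, 47): "GRE6"}
# IPv6 extension headers walked here: hop-by-hop, routing, fragment, dest. options.
EXT_HEADERS = {0, 43, 44, 60}

def classify(packet: bytes):
    """Return the tunnel protocol carried directly in a raw IP packet, or None."""
    if not packet:
        return None
    version = packet[0] >> 4
    if version == 4:
        header_len = (packet[0] & 0x0F) * 4
        if header_len < 20 or len(packet) < header_len:
            return None  # malformed or truncated header
        proto = packet[9]
    elif version == 6:
        if len(packet) < 40:
            return None
        proto, offset = packet[6], 40
        while proto in EXT_HEADERS:
            if len(packet) < offset + 8:
                return None  # truncated extension header
            # Fragment header is fixed at 8 bytes; the others carry a length field.
            step = 8 if proto == 44 else (packet[offset + 1] + 1) * 8
            proto, offset = packet[offset], offset + step
    else:
        return None
    return TUNNELS.get((version, proto))

def sample_ipv4(proto: int) -> bytes:
    """Constructed sample: 20-byte IPv4 header, documentation addresses, zero checksum."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))

def sample_ipv6(next_header: int, payload: bytes = b"") -> bytes:
    """Constructed sample: 40-byte IPv6 header with 2001:db8:: addresses."""
    addr = bytes.fromhex("20010db8") + bytes(12)
    return struct.pack("!IHBB16s16s", 0x60000000, len(payload), next_header, 64,
                       addr, addr) + payload

if __name__ == "__main__":
    for pkt in (sample_ipv4(4), sample_ipv4(47), sample_ipv6(41), sample_ipv4(17)):
        print(classify(pkt))
```

A UDP packet (protocol 17), which is what WireGuard and OpenVPN over UDP ride on, returns `None`, so only the listed encapsulations are flagged.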