TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

NordVPN confirms that it was hacked after Private keys were leaked

Irony! We all use a VPN, keeping in mind everything is private and secure, but then it looks like the risk is everywhere. NordVPN is one of the popular  VPN services has confirmed that it was hacked sometimes ago. The first report came via Twitter user @hexdefined, who shared screenshots of NordVPN private keys. Though the keys have expired. The original confirmation came from @le_keksec.

NordVPN Hacked

NordVPN confirms that it was hacked

HexDefined was able to use the keys locally, and when running on localhost with an /etc/hosts entry, it was working fine. The bigger problem was that It was possible to decrypt past encrypted sessions, which is a much bigger issue. A lot of details about this are available here.

NordVPN did talk about it a bit here, but it’s not clear the message they are passing along. I would say, its an epic marketing failed when they said:

Yesterday, our marketing department got ahead of themselves and published an ad on Twitter that triggered the infosec community. The message stated the following: ‘Ain’t no hacker can steal your online life. (If you use VPN). Stay safe.’

VPNs usually work in a way that all traffic gets through a secure tunnel, no logs are kept, and there is no way to decrypt here unless somebody has access to the keys. As per NordVPN spokesperson Laura Tyrell said that one of its data centers was accessed in March 2018.

One of the data centers in Finland we are renting our servers from was accessed with no authorization. The attacker gained access to the server — which had been active for about a month — by exploiting an insecure remote management system left by the data center provider, which NordVPN said it was unaware that such a system existed.

The bigger problem is something else. The company needs to set up an intrusion detection system. It should be able to warn about any sort of man in the middle attack or any server breach. While there was no data on the server, so chances of any username et all; might not have been stolen, but it clearly shows that the company needs to put more money into development and security than anything else.

Related read: Avast Antivirus Network breached through insecure VPN Profile.

Updated on Tags:

AshishMohta@TWC

Ashish is a veteran Windows, and Xbox user who excels in writing tips, tricks, and features on it to improve your day to day experience with your devices.

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap