A provider of VPN (virtual private network) who was able to use the slogan of "protect your privacy online" was to the dismay of this quote the victim of a computer attack.
NordVPN confirmed in a statement that he was attacked. The case was revealed following clarification of a security incident you touched him on social media. From then on, the secure ACCESS provider could no longer cover up the case. Currently the company in question is at the heart of a controversy over the quality of the security it offers its customers.
This article will also interest you: The VPN or the solution to access the internet safely
On October 20, the observation was made at the level of supplier's infrastructure after being compromised. Indeed the keys private encryption which have also expired, have been recovered by unknown persons, who could have used it under certain conditions, to mimic the clean NordVPN server, to attract potential customers.
We know that it was On October 21, that is, the day after the company communicated about this leak. In fact, everyone thinks she has downplayed things enough. However, the company claims that one of its servers was hacked and that data relating to the habits and navigation of its customers who used their service to protect their personal data would have been collected.
Moreover, this corrupt server, which was located in Finland, did not contain, according to the company, browsing his or her logs, activity logs, usernames, or passwords. But it does not rule out that the content of the web has been unmasked since the encryption has been broken. A member of NordVPN's technical advisory board, named Tom Ockland, explained: "Potential attackers could only have accessed this server, intercepted traffic and saw which websites people view – not the content, but only the website – for a limited time, only in this remote area."
For the computer security company, the breach that was used for the intrusion was due to an error by the provider who had to manage the server in question, since the server was leased. The intrusion could only have taken place once between January 31, 2018 and March 20, 2018. A NordVPN official explained in one: " (…) When we learned of the Datacenter's vulnerability a few months ago, we immediately terminated the contract with the server provider and destroyed all the servers we had rented. We did not reveal the feat immediately, as we had to make sure that none of our infrastructure could be exposed to similar problems. This could not be done quickly because of the huge amount of servers and the complexity of our infrastructure. (…) The timeline is as follows: the server concerned was created and added to our server list on January 31, 2018. The data center found the vulnerability it left behind and deleted the remote management account without notifying us on March 20, 2018.
The Datacenter put its finger on the vulnerability it was suffering from and deleted the remote management account without informing us on March 20, 2018. Our technicians discovered that the supplier had this account that they had not told us about months in advance. We then immediately took steps to audit our entire server network and accelerated the encryption of all our servers. (…) The expired TLS key was taken when the data center was being operated. However, the key could not be used to decipher VPN traffic from another server. On the same note, the only possible way to abuse website traffic was to launch a customized and complex MiTM attack to intercept a single connection attempting to access nordvpn.com."
To assure its customers, the privacy solutions provider meant that what happened was an isolated event in its own right. That of his 3000 servers, only one, the one among which he rented, suffered from this misbehaviour. It was for this very reason that he terminated all these contracts with other servers to which he had entered into such a contract.
If this was truly the case, why nordVPN deleted this promotional tweet: "No hacker can steal your life online (if you use VPN). Stay safe." Coincidence?
Now access an unlimited number of passwords: