Search This Blog

Showing posts with label IP addresses. Show all posts

VPN Services Reportedly Leaked Around 1.2TB User Data Containing Sensitive Information


A recent discovery by a tech service company has taken the world by storm. The VPN services may not be as protected and secure as they guarantee to be, the company reveals that around 894GB of client information and data from UFO VPN has been exposed on the web.

This was proved true for eight quite well-known VPN services that have purportedly released a mammoth 1.2TB of client information. These VPN applications are as yet accessible on the Google Play Store with just one removed until now.

The leaked info contains subtleties like accounts passwords, VPN session secrets/tokens, IP addresses of both client devices and servers, and even the operating system of the devices.

As per by Comparitech, the tech service company responsible for the discovery,  more than 20 million client entries are included in the logs every day.

The VPN specialist co-op was likewise informed regarding the information spill yet denied any such claims. UFO VPN said that the client logs are saved for traffic monitoring and that every last bit of it is 'anonymized'.

It was later found that there are seven more Hong Kong-based VPN administrations that have around 1.2TB of client information out in the open online.

The list incorporates FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, Rabbit VPN, and UFO VPN as well. Found by VPNmentor, it was discovered that all these VPN services share a typical Elasticsearch server and also the same recipient for payments, Dreamfii HK Limited.

The information uncovered from these VPN administrations contain sensitive data like home addresses, Bitcoin and PayPal payment details, email addresses and passwords, user names, and more. Dreamfii HK is expected to be the parent company for all these VPN services.

As of now, these VPN applications are as yet accessible on the Play Store, and only Rabbit VPN has been removed.

Tor Browser Bug Executes Uncalled for JavaScript Codes!


The well-known Tor is allegedly experiencing some kind of bug in its mechanism. It has hence warned the users to stay vigilant as regards to the “Tor Browser Bug”, which runs JavaScript codes on various unexpected sites.

Tor (originally Team Onion Router) is a free and open-source software which chiefly works on allowing anonymous communication to users.

Reportedly, the team has been working on a solution and would roll it out as soon as it is done, but there isn’t a particular time to expect it.

One of the most critical features for the security of the Tor Browser Bundle (TBB) happens to be the ability to block the code execution of the JavaScript, mention sources.

TBB is a browser that has a set of superior privacy features majorly for concealing real IP addresses to maintain the anonymity of online users and their devices’ locations.

Owing to these features, the browser has become a go-to for the working people, especially the journalists, citizens of repressive countries and people with political agendas because after all, it is a great instrument to dodge online censorship and firewalls.

People who are against the anonymity of the users and just can’t let things be, have in the past tried several times to expose Tor Browser users’ actual IP addresses via exploits that functioned on JavaScript code.

Sources cite that while few attempts of the better nature have been successfully employed to track down criminals, others were pretty strangely executed.

And then recently, a bug was discovered in the much appreciated TBB’s security mechanism. When the browser was set to allow the use of the most supreme security level and still permitted the execution of the JavaScript code when instead it should have barred it.

It is a relief that the team of Tor is well aware of the bug and is, with dedication working towards developing a patch for it. Per sources, they also mentioned that if a user requires to “Block JavaScript” they could always disable it entirely.

As per reports, the procedure for doing the above-mentioned is to open the “about config” and search for “javascript.enabled”. If here the “Value” column mentions “false” it means that the JavaScript is disabled and if it mentions “true” then right-click to select “Toggle” or double click on the row to disable it.