The darknet sells a database of 21 million users of popular VPN services
A database of 21 million users of free VPN apps for Android has been published on shady forums. It includes email addresses, passwords and logins, as well as information about mobile devices and payments.
The leak was discovered by CyberNews experts. The database contains customer data for applications such as GeckoVPN, SuperVPN, and ChatVPN. The base is dated February 24. It contains user data from Russia and the Middle East.
SuperVPN is considered one of the most popular VPNs for Android with over 100 million downloads on Google Play. GeckoVPN has 10 million downloads and ChatVPN has 50,000.
Previously, the data of SuperVPN users has already been made public as part of a large-scale leak. Then 1.2 TB of data from several VPN providers appeared on the network, which included passwords, personal information and a list of websites visited by users. Security researchers found several copies of Internet activity logs on their shared server, although ISPs officially promised not to store the information.
The seller of the database claims that he was able to penetrate the storage due to the fact that the services did not change passwords on their servers for a long time.
Fraudsters can now use data from such a database for phishing and man-in-the-middle attacks.
Experts believe that the new leak occurred due to "obvious negligence in handling confidential information", since "the owners of the services simply did not change the default passwords on their database servers."
Some experts have suggested that free VPNs sell customer data to advertisers to make money. According to some of them, individual applications provide information about clients to intelligence agencies.