Vulnerabilities were found in VPN services that allowed the intruders to intercept and distribute fake updates. However, out of the twenty most popular services, only two of them were found risking the users. The PrivateVPN and Betternet VPN were accused of these vulnerabilities. Which gave the attackers a key source to spread malware or steal users’ data by intercepting a connection.
CyberGhost and TorGuard VPN services allow connection interception but only Private VPN and Betternet VPN authenticated attackers to produce fake updates and send it through the users. PrivateVPN simultaneously installed the updates while Betternet only offered such access to the users.
The Intruder could use the MITM Attack, taking the authority of the users’ connection to send fake software updates, which in-turn installs malware or steal users’ data. Scenarios developed, the victim could be beguiled into connection towards a malicious Wi-Fi Network, the target router would gain access and make the attacker in possession of users’ connection.
Ransomware – Infostiller or Cryptocurrency Miners can be added to the users’ device making it vulnerable towards further attacks. The researchers informed the authorities of both the services which were later addressed and fixed in recent updates released.