News

Attackers gained access to the NordVPN servers back in 2018

NordVPN confirmed that attackers gained access to their servers in March 2018.

The company believes that hackers could not manipulate the personal data of users, however, unnamed cyber security sources from TechCrunch note that this statement was “dubious” and the service “did nothing for data security”.

“The attacker gained access to the server — which had been active for about a month — by exploiting an insecure remote management system left by the data center provider”, — reported in NordVPN.

Was compromised server with the remote control system left by the lessor of the Data center. NordVPN did not know about the existence of this system, they assured the company.

“No user activity logs were stored on the server itself; none of our applications sent user credentials for authentication, so logins and passwords could not be intercepted. On the same note, the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN”, — said VPN-service representatives.

NordVPN said it learned about the hacking “a few months ago,” but a company spokesman said it hadn’t been publicly reported until today because they wanted to be “100% sure that every component in the infrastructure is safe.”

Read also: Information security researcher publishes PoC exploit for critical vulnerability in Android

An anonymous cybersecurity specialist warned that NordVPN is ignoring a broader issue that is possible access by attackers to other company systems.

“Your car has just been hijacked and you argue which buttons he criminal pressed on the radio? ”They spent millions on ads, but apparently nothing on effective defensive security”, — noted anonymous TechCrunch respondent.

NordVPN was recently recommended by TechRadar and PCMag. CNET described it as its “favorite” VPN provider.

The company confirmed it had installed intrusion detection systems, a popular technology that companies use to detect early breaches, but “no-one could know about an undisclosed remote management system left by the [data center] provider,” said the spokesperson.
Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

James Brown

Technology news writer and part-time security researcher. Author of how-to articles related to Windows computer issue solving.

Related Articles

One Comment

  1. “An anonymous cybersecurity specialist” – sounds legit, especially when the market is extremely cutthroat. The point is that no data was leaked and no users were affected, so I think the whole case is a bit exaggerated. Afaik, NordVPN followed this up with an appealing security plan they’re gonna be undertaking, interested to see how it goes

Leave a Reply

Your email address will not be published. Required fields are marked *

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button