HotSpot Shield, PureVPN & ZenMate found leaking users real IP addresses

Haythem Elmir

According to VPN Mentor, a privacy advocate firm which reviews virtual private networks (VPN), after an in-depth research, it has been discovered that three VPN service providers with millions of customers worldwide are leaking sensitive data such as users’ IP addresses – These VPNs include HotSpot Shield, PureVPN, and Zenmate.

What Is A VPN Used For?

The purpose of using a VPN depends on the situation but mostly people opt-in for VPNs to fight online censorship by accessing websites that are blocked by their ISPs while some chose to use VPN for anonymity and better privacy.


But what happens when the VPN you thought was protecting your privacy was actually posing a threat to it? You can be under government surveillance or malicious organizations, hackers can track your IP address and identify your ISP or on a business level, it can allow attackers to carry distributed denial-of-service (DDoS) attacks.

3 Hackers Exposed Vulnerabilities In 3 Top VPN Vendors

According to VPN Mentor’s blog post, in order to find vulnerabilities in HotSpot Shield, PureVPN, and Zenmate VPN Mentor hired three ethical hackers who after testing concluded all three VPN have been leaking IP address of the user, even when a VPN is in use posing a massive privacy threat.

Out of three hackers, one has decided to keep their identity hidden while one going by the online handle of File Descriptor while the other Paulos Yibelo. Here it must be noted that the vulnerabilities exist in the Chrome browser plugins for all three VPNs and not in the desktop or smartphone apps.

HotSpot Shield VPN Vulnerabilities

According to the findings, AnchorFree’s HotSpot Shield was filled with three vulnerabilities. The first vulnerability (CVE-2018-7879) allowed remote attackers to cause a reload of the affected system or to remotely execute code.

Related:  Why You Should Use These 5 VPN Services

The second and third vulnerabilities (CVE-2018-7878 & CVE-2018-7880) leaked IP and DNS addresses which as discussed above poses a privacy threat to users since hackers can track user location and the ISP.

HotSpot Shield Fixed The Vulnerabilities

HotSpot Shield was quick to respond to VPN Mentor regarding the vulnerabilities and patched all vulnerabilities professionally and timely protecting millions of its users from what could be a serious threat if exploited.

HotSpot Shield, PureVPN & ZenMate found leaking users IP addresses
VPN Mentor’s IP address was revealed when they tested it on HotSpot Shield. (Screenshot credit: VPN Mentor)

“The fast response of Hotspot Shield is something we think is worth commending. We felt that they worked with our research team in a fast and serious manner and that they care for their users. They took our research as help for improvement rather than criticism,” said the co-founder of vpnMentor Mr. Ariel Hochstadt.

To read the original article:

HotSpot Shield, PureVPN & ZenMate found leaking users real IP addresses

Laisser un commentaire

Next Post

March Patch Tuesday Fixes 75 Security Issues, Drops Registry Key Requirement in Windows 10

  Microsoft’s Patch Tuesday for March is an eventful one, with updates that comprise fixes for 75 security issues and a change of tack in its patch deployment process for Windows 10. Of the vulnerabilities Microsoft patched for this month, 14 were rated as Critical and 61 Important. Six of these were disclosed through […]