From Torrent Freak:

A few weeks ago we covered a security flaw which allowed attackers to uncover the real IP-addresses of VPN users, if their providers allow forwarding on their network.

The news was picked up widely as it affected millions of users. However, it is just one of the many possible exploits VPN users are facing.

This week another issue was highlighted by ProstoVPN. This “vulnerability” affects both users with a direct connection and those with routers that have UPnP port forwarding enabled.

The issue boils down to a rather basic network routing feature where UDP listening software (e.g. torrent clients) responds to packets that are sent to the user’s ISP IP-address, through the VPN interface.

This means that a potential attacker can link a VPN IP-address to a user’s ISP IP-address.
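A way to check your own machine for this behaviour, as an added example that is not part of the Torrent Freak article: the script below scans a list of captured UDP packets and flags any reply that answers a packet received on the ISP address but leaves through the VPN interface. The interface names (`eth0`, `tun0`), the port and all addresses are constructed sample values (documentation ranges), and the packet record format is an assumption of this example.

```python
from collections import namedtuple

# One captured UDP packet: interface, direction ("in"/"out") and the 4-tuple.
# This record format is an assumption of the example, not a real capture format.
Pkt = namedtuple("Pkt", "iface direction src sport dst dport")


def find_leaky_replies(packets, isp_ip, phys_if, vpn_if):
    """Return outbound packets on the VPN interface that answer a UDP packet
    which arrived on the physical interface addressed to the ISP IP."""
    seen = set()   # (remote_ip, remote_port, local_port) received on phys_if
    leaks = []
    for p in packets:
        if p.direction == "in" and p.iface == phys_if and p.dst == isp_ip:
            seen.add((p.src, p.sport, p.dport))
        elif p.direction == "out" and p.iface == vpn_if:
            # Same remote endpoint and same local port, but the reply takes
            # the VPN route, so the remote side sees the VPN exit address.
            if (p.dst, p.dport, p.sport) in seen:
                leaks.append(p)
    return leaks


# Constructed sample capture (not real traffic).
ISP_IP = "198.51.100.23"
SAMPLE = [
    # Packet to the ISP address, answered through the tunnel: the leak.
    Pkt("eth0", "in", "203.0.113.9", 40000, ISP_IP, 51413),
    Pkt("tun0", "out", "10.8.0.2", 51413, "203.0.113.9", 40000),
    # Packet to the ISP address, answered on the same interface: no leak.
    Pkt("eth0", "in", "203.0.113.50", 41000, ISP_IP, 51413),
    Pkt("eth0", "out", ISP_IP, 51413, "203.0.113.50", 41000),
    # Ordinary traffic sent through the VPN with no matching inbound packet.
    Pkt("tun0", "out", "10.8.0.2", 51413, "192.0.2.77", 6881),
]

if __name__ == "__main__":
    for p in find_leaky_replies(SAMPLE, ISP_IP, "eth0", "tun0"):
        print(f"reply to {p.dst}:{p.dport} from local port {p.sport} "
              f"left via {p.iface} instead of the physical interface")
```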

The problem

The issue affects users on all operating systems and is not always easy to fix on the user end. VPN providers with custom software can address it, but with the standard OpenVPN software users have to take action themselves.

While the scope of the issue is large, as many users and providers have yet to address the issue, it requires quite a bit of effort to carry out an attack. It basically requires the attacker to send UDP packets to the entire Internet.

In addition, there’s the possibility of false positives which means that it’s harder to pinpoint the exact ISP IP-address. With this in mind, it seems unlikely that monitoring companies will attempt to expose every…
