Two Popular VPNs Found With Critical Security Flaws

Be sure to update your VPN to avoid being hacked

It's key to update your VPN software from a trusted source (and a secure network connection) to be sure any vulnerabilities are patched.

Hacker in hoodie holding a laptop in front of giant digital display screen\
Bill Hinton / Getty Images

Security researchers at VPN Pro tested 20 popular VPN apps and found that two of them, PrivateVPN and Betternet, had critical vulnerabilities that allowed the researchers (and any potential hackers) access to target PCs.

How it works: In essence, hackers can set up a fake Wi-Fi network in a public space, like a coffeeshop. Then, when you connect to it and turn on your VPN (using one of the vulnerable clients), the fake Wi-Fi network will send you what looks like an update dialog, taking advantage of your (usually smart) willingness to keep your software updated. The problem is, the "update" is really malicious code, which then gives hackers access to your machine.

Then what: The researchers note that these specific vulnerabilities can let malicious actors steal sensitive information, make bank payments with your computer, use your PC to mine cryptocurrencies, add your PC to a botnet, sell your data on the black market, and potentially leak sensitive pictures, videos, or messages.

What to do: You still want to update your VPNs to the latest versions, but you want to do so from home or work, where your network is trusted. Then, you want to make sure you have a good antivirus program onboard, which can notify you if it finds any malicious activity.

Via: TechRadar

Learn More About Wi-Fi