Online security is becoming increasingly important as we move deeper into the digital age. Gone are the days of just installing the best antivirus software (opens in new tab) you can find. Now you needed complete internet security software (opens in new tab), VPNs, and password protectors.
But it seems that not even these measures make our online activities bullet proof, as a report from VPNpro (opens in new tab) has revealed that two of the top VPNs for PC, PrivateVPN and Betternet, both had vulnerabilities in their software that let hackers intercept the VPN’s communications. These security flaws even allowed hackers to install fake software updates through the app.
Using these security flaws, hackers could have been able to install programs onto devices that would allow them to steal personal information including online banking data which could be used to make purchases. They would also be able to secretly install ransomware on peoples’ devices and even gain access to their photos, videos and private messages. All in all, this is a huge security failure, especially for a VPN which is designed to improve people’s online security.
How was the flaw discovered?
VPNpro staff tested the top 20 VPNs by trying to install a fake update through them following a series of steps. The team checked to see if they could intercept a VPNs connection and communications, and then downloaded and attempted to install the fake update. Of the top twenty, only two failed to stop all of these stages, allowing the fake update to be installed.
When it discovered the vulnerability back in February, VPNpro informed both PrivateVPN and Betternet, both of whom have since fixed the issues and plugged the breach. PrivateVPN was able to fix the issue by March 26th, while Betternet patched the issue out on April 14.
You can see the full results of VPNpro’s testing at the VPNpro website (opens in new tab), where you will be encouraged to see that all of the products listed in our best VPN service (opens in new tab) guide including ExpressVPN, NordVPN, and IPVanish managed to block VPNpro’s hacking attempt at some stage, with the vast majority of them not even allowing the team to intercept the connection.
So while this might be a temporary blow for the credibility of PrivateVPN and Betternet, it shows how robust the rest of the top 20 VPNs security systems are. Every cloud has a silver lining after all.