Skip to main content

Critical security flaws found in two of the top VPNs, according to VPNpro report

Critical security flaws found in two of the top VPNs, according to VPNpro report
(Image credit: Getty)

Online security is becoming increasingly important as we move deeper into the digital age. Gone are the days of just installing the best antivirus software you can find. Now you needed complete internet security software, VPNs, and password protectors. 

But it seems that not even these measures make our online activities bullet proof, as a report from VPNpro has revealed that two of the top VPNs for PC, PrivateVPN and Betternet, both had vulnerabilities in their software that let hackers intercept the VPN’s communications. These security flaws even allowed hackers to install fake software updates through the app.

Using these security flaws, hackers could have been able to install programs onto devices that would allow them to steal personal information including online banking data which could be used to make purchases. They would also be able to secretly install ransomware on peoples’ devices and even gain access to their photos, videos and private messages. All in all, this is a huge security failure, especially for a VPN which is designed to improve people’s online security.

How was the flaw discovered?

VPNpro staff tested the top 20 VPNs by trying to install a fake update through them following a series of steps. The team checked to see if they could intercept a VPNs connection and communications, and then downloaded and attempted to install the fake update. Of the top twenty, only two failed to stop all of these stages, allowing the fake update to be installed. 

When it discovered the vulnerability back in February, VPNpro informed both PrivateVPN and Betternet, both of whom have since fixed the issues and plugged the breach. PrivateVPN was able to fix the issue by March 26th, while Betternet patched the issue out on April 14.

You can see the full results of VPNpro’s testing at the VPNpro website, where you will be encouraged to see that all of the products listed in our best VPN service guide including ExpressVPN, NordVPN, and IPVanish managed to block VPNpro’s hacking attempt at some stage, with the vast majority of them not even allowing the team to intercept the connection. 

So while this might be a temporary blow for the credibility of PrivateVPN and Betternet, it shows how robust the rest of the top 20 VPNs security systems are. Every cloud has a silver lining after all.