VPNPro researchers have discovered vulnerabilities in VPN providers: PrivateVPN and Betternet which can allow hackers to push fake updates and install malicious programs or steal user data!
This is a serious problem: with the ability to push users to install fake updates, the hacker can install any program on a user’s computer or do a variety of malicious things, including:
- stealing personal data and selling it on the black market
- making bank payments with the victim’s computer
- secretly mining for crypto
- adding the device to a botnet
- locking the computer with ransomware
- leaking the victim’s stolen pictures, videos, recordings and messages online
VPNPro informed PrivateVPN and Betternet of the vulnerabilities in February, and they have now fixed these issues.