VPNs, virtual private networks, make it possible to secure connections by encrypting internet communications. One of the most popular providers, NordVPN, has experienced a security problem on a server and unveils details of the incident on his blog.
The case surfaced today but the problem occurred early in the year 2018. NordVPN explains that it did not communicate the incident immediately to ensure that no other server in its network presented any problems. Similar. Only one server located in Finland is concerned, it was rented to a provider at the end of January 2018.
This same provider apparently left unsecured access for remote management of the server, which allowed the attacker to gain access to the machine. When he saw the problem in March 2018, access was finally cut off without informing NordVPN of this fault. It was only a few months later that NordVPN discovered that the server had been compromised for a few weeks.
No user data leaks
Following this, NordVPN audited its entire network to verify that no similar fault existed on its server farm. The contract with the faulty provider has been terminated. The service publisher explains that no user data has been stolen. The feature of the flaw, however, could have allowed an attacker to set up a complex interception system with an expired security key.
Following this hacking attempt, NordVPN took several steps to prevent such a problem from recurring. At the beginning of the month the service notably communicated on an audit carried out to check the security of its applications used by some 12 million customers. A new comprehensive infrastructure audit will be carried out next year by an independent service.