Why Your VPN May Not Be As Secure As It Claims

ronjor · May 6, 2024

May 6, 2024
Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the u
Click to expand...

ser.
https://krebsonsecurity.com/2024/05/why-your-vpn-may-not-be-as-secure-as-it-claims/

JRViejo · May 7, 2024

Researchers from Leviathan Security have discovered a new vulnerability that affects virtual private networks (VPNs) on most platforms.

VPNs serve multiple purposes. They encrypt all traffic when connected to a VPN server to prevent eavesdropping and tampering. VPNs furthermore help users stay anonymous, as the VPNs IP address is revealed to websites and services.

TunnelVision is a new attack that manipulates traffic using rogue DHCP servers. All of this happens without dropping of the VPN connection or kill-switch functionality taking note and blocking all Internet connectivity. For the user, the VPN connection appears to work without issues.
Click to expand...

TunnelVision attack against VPNs breaks anonymity and bypasses encryption by Martin Brinkmann

Azure Phoenix · May 7, 2024

Windscribe responded

https://twitter.com/windscribecom/status/1787917302253367497

Regarding CVE-2024-3661: TunnelVision

Despite the alarmist claims by some tech publications, "virtually all VPN apps" are NOT vulnerable to this exploit. Windscribe implements a strict firewall that blocks all activity outside of the tunnel (virtual adapter) on all platforms. The only exception we found is on iOS and if you use "Allow LAN Traffic" feature. We're investigating if a fix is even possible with that feature enabled (but you could always disable it).
Click to expand...

Raza0007 · May 8, 2024

ExpressVPN

https://www.expressvpn.com/blog/tunnelvision-expressvpns-statement-and-assessment-of-the-technique/

You may be hearing reports of a new vulnerability called TunnelVision that can allow an attacker to bypass VPN protection under certain circumstances. We’d like to take a moment to explain the report and reassure you of the security of the ExpressVPN apps and services...

...After a thorough evaluation, we can confirm that the technique described in the paper has minimal impact on ExpressVPN users, thanks to the robust design of our kill switch, Network Lock.
Click to expand...

ExpressVPN users are only effected if they manually disable "Network Lock - Kill Switch" inside the VPN. Network Lock - Kill Switch is enabled by default, it uses firewall rules to prevent traffic from flowing outside the VPN specified route, thus nullifying the findings of the research paper.

.

EDIT: The article linked above was updated today by ExpressVPN with info on iOS devices

But on iOS, there is some degree of vulnerability, even with our kill switch activated. This is due to a longstanding limitation set by Apple itself, which effectively makes an ironclad kill switch impossible. Still, using a 4G or 5G cellular connection instead of Wi-Fi is fully effective in preventing this attack.
Click to expand...

Triple Helix · May 8, 2024

More information here: https://www.reddit.com/r/IVPN/comments/1clwlup/tunnelvision_vulnerability/ and https://arstechnica.com/security/20...ly-all-vpn-apps-neuters-their-entire-purpose/ and here https://www.leviathansecurity.com/blog/tunnelvision

Buddel · May 8, 2024

Information from Mullvad: https://mullvad.net/en/blog/evaluating-the-impact-of-tunnelvision

Triple Helix · May 8, 2024

From IVPN last September 2023: https://www.ivpn.net/blog/ivpn-tunnelcrack-vulnerability-assessment/ more here: https://tunnelcrack.mathyvanhoef.com/

Tarnak · May 8, 2024

I have been in contact with Proton VPN, a short time ago, and requested info about this vulnerability. I am awaiting their reply:

Log in or Sign up

Why Your VPN May Not Be As Secure As It Claims

ronjor Global Moderator

JRViejo Super Moderator

Azure Phoenix Registered Member

Raza0007 Registered Member

Triple Helix Specialist

Buddel Registered Member

Triple Helix Specialist

Tarnak Registered Member

Log in or Sign up

Why Your VPN May Not Be As Secure As It Claims

ronjor Global Moderator

JRViejo Super Moderator

Azure Phoenix Registered Member

Raza0007 Registered Member

Triple Helix Specialist

Buddel Registered Member

Triple Helix Specialist

Tarnak Registered Member

Useful Searches