1 March 2021

A collection of user data allegedly stolen from popular Android VPNs leaked online


A collection of user data allegedly stolen from popular Android VPNs leaked online

A large database containing 21 million user records is offered for sale on a hacker forum. According to Cybernews, the data allegedly comes from three different Android VPN services – SuperVPN, GeckoVPN, and ChatVPN.

Among the three, ChatVPN has a fairly small user base with 50,000+ installs, while GeckoVPN and SuperVPN boast more than 10 million and 100 million users respectively.

The database put up sale contains three archives which include a variety of data, such as email addresses, usernames, full names, country names, randomly generated password strings, payment-related data, premium member status and its expiration data, as well as device information including device serial numbers, phone types and manufacturers, device IDs, device IMSI numbers.

According to the seller, the data has been exfiltrated from publicly available databases that were left vulnerable by the VPN providers due to developers leaving default database credentials in use. At the time of writing, it is not clear if the seller’s claims are valid or not as SuperVPN, GeckoVPN, and ChatVPN have yet to confirm or deny the data leak.

“If the data sold by the threat actor is genuine, it appears that the VPN providers in question are logging far more information about their users than stated in their Privacy Policies,” CyberNews noted.

Back to the list

Latest Posts

Vulnerability in Trend Micro antivirus products exploited in the wild

Vulnerability in Trend Micro antivirus products exploited in the wild

The flaw affects Trend Micro Apex One, Apex One SaaS, and OfficeScan Corporate Edition.
22 April 2021
University of Minnesota banned from Linux development for submitting buggy patches

University of Minnesota banned from Linux development for submitting buggy patches

Two graduate students at the University of Minnesota deliberately introduced known security bugs in the Linux kernel in the name of research.
22 April 2021
Qlocker ransomware campaign targets QNAP devices across the globe

Qlocker ransomware campaign targets QNAP devices across the globe

The campaign uses 7-zip to move files on QNAP devices into password-protected archives.
22 April 2021