Currently, over 500 million people are subscribed for Hotspot Shield VPN. The motto of this VPN provider sounds:
But in reality the state of affairs appeared to be different. As ZDNet reports, the expert of IT security Paulos Yibelo has found vulnerability of Hotspot Shield. Having studied its hardcoded host 127.0.0.1 and port 895, Yibelo identified sensitive JSONP endpoints.
According to the expert’s standpoint, it will be not a problem to identify WiFi name for an experienced hacker, which makes it possible to determine the location of the victim, crack user’s device and steal the data.
Besides, the vulnerability allows crackers to change OS codes by means of open port attacks.
Hotspot Shield VPN team’s reaction
Netizens betake themselves to Hotspot Shield VPN to surf the World Wide Web anonymously, bypass blocked websites and services and protect their sensitive data stored on the Internet against breaches.
AnchorFree admits the fact of vulnerability that may lead to some user info discloser. The VPN provider has a heavy hand in its customers. Thus, the developers declare that the situation will be changed during a week due to the unforeseen update.
Numerous attacks on Hotspot Shield clients are expected in the near future. In such a way, it is strongly recommended that access to the net be suppressed and wait till the VPN update, when the vulnerability will be deleted. Otherwise, personal data may be stolen by the hackers.
Follow the guideline described in the article and be protected online!