NordVPN Hacked

Johnex · October 22, 2019, 7:50pm

Hi all,

In case you missed the news, NordVPN just admitted it got hacked, but they waited until their private keys were posted on twitter. You can read about it here:

https://www.infosecshirish.com/nordvpn-finally-admits-it-was-hacked/

On top of that, it seems it has happened for a long time. They might still be vulnerable. Here is more info:

My recommendation is change VPN ASAP if you are using them as they do not care about your privacy one bit.

For the tech savvy:

gist.github.com

https://gist.github.com/Snawoot/85f77356e229d77aa36f16059a629eea/

nordvpn.txt

#   _     _
#  (c).-.(c)
#   / ._. \
# __\( Y )/__
#(_.-/'-'\-._)
#   ||   ||
# _.' `-' '._
#(.-./`-'\.-.)
# `-'     `-'
root@vm-fi6:~# lxc-ls

This file has been truncated. show original

alzhao · October 23, 2019, 2:33am

The same as TorGuard. What is your recommendation for a better VPN?

sfx2000 · October 23, 2019, 3:36am

Johnex · October 23, 2019, 1:31pm

Yes the best VPN is always the self hosted one.
The downside of the solution above is that you are still dependent on a 3rd party with your data.
I don’t know how Azure and other services handle traffic, they might monitor it.

I personally use VPN.ac , they are fast and work for China too.

Here is a list of most secure to least secure ways of accessing the internet and general communication with 3rd parties:

Qubes OS (https://www.qubes-os.org/) This is the most extreme. Every program on the computer will be in it’s own VM container, so if you for example open a link in Firefox that was infected, it will only affect that instance. When you close Firefox and open it again, a new VM is created fresh. Copy paste between windows is also done in a secure way. This solution is for journalists and people that need to open links that might compromise their security.
Whonix (https://www.whonix.org/) The operating system is designed so that all traffic is sent via TOR, making DNS leaks impossible. Malware is also not able to use root to bypass any firewall configuration and get your real IP. Can be combined with Qubes OS above for even more security.
VPN + Proxy + TOR. Using a combination of the 3 will give you more security in case one layer is compromised, such as the VPN. Remember the VPN is usually hosted at a company. With any kind of pressure, they will cave in and release your data.
Self Hosted VPN. You will have full control, but you are dependent on the ISP or hosting provider not to log and analyse your data. It’s enough for a home user that just doesn’t want data to leak when at McDonald’s or any other public area. 2 GL Routers can set up a Wireguard link without any problems (wink wink)
Poor Mans VPN. If you for some reason only have access to say port 22 SSH, you can set up a so called poor mans VPN by routing your traffic through the SSH connection. For Windows you can use Bitvise SSH Client together with Proxifier. Read about that here: GL-MT300N-V2 remote access issues - #8 by Johnex . Ironically this solution will work better in China than a VPN, since companies rely on SSH to work and they won’t block it.
No encryption at all. Sometimes hiding in plain sight is more secure than spewing a lot of encrypted traffic into the net, getting it caught into the hands of people looking for such encrypted data.