Carding
Professional
- Messages
- 2,870
- Reaction score
- 2,511
- Points
- 113
A new exploit allows hackers to disable the victim's protection and reveal their real IP address.
A few days ago, on the foreign site Reddit information appeared about the discovery of a serious security vulnerability in the AtlasVPN client for the Linux operating system.
A cybersecurity researcher, who wished to remain anonymous, published a working PoC exploit and demonstrated to the public how attackers can, by placing the exploit code on their malicious site, gain access to the real IP address of any user of the Linux version of the above-mentioned VPN client.
"AtlasVPN doesn't take its users' security seriously. Their software security solutions suck so much that it's even hard to believe that this is a bug and not a special loophole. No one can be so incompetent," an anonymous expert criticized the company's approach.
According to the researcher, the vulnerability was caused by a number of serious errors in the application architecture. In particular, the AtlasVPN client opens the API on the local host on port 8076, which has absolutely no authentication.
Based on this, any program running on the computer, including a web browser, can gain full access to this port. This means that any website with the appropriate content can send a request on this port and simply disable the VPN, revealing the user's real IP address.
The expert tried to contact AtlasVPN support to report the vulnerability, but did not receive a response. In his opinion, this indicates a negligent attitude of the company to the safety of its customers.
At the time of publication of this news, AtlasVPN representatives have not commented on the situation. All users of the Linux client are advised to exercise caution when visiting unverified sites, or even temporarily change the VPN client until the vulnerability is fixed.
A few days ago, on the foreign site Reddit information appeared about the discovery of a serious security vulnerability in the AtlasVPN client for the Linux operating system.
A cybersecurity researcher, who wished to remain anonymous, published a working PoC exploit and demonstrated to the public how attackers can, by placing the exploit code on their malicious site, gain access to the real IP address of any user of the Linux version of the above-mentioned VPN client.
"AtlasVPN doesn't take its users' security seriously. Their software security solutions suck so much that it's even hard to believe that this is a bug and not a special loophole. No one can be so incompetent," an anonymous expert criticized the company's approach.
According to the researcher, the vulnerability was caused by a number of serious errors in the application architecture. In particular, the AtlasVPN client opens the API on the local host on port 8076, which has absolutely no authentication.
Based on this, any program running on the computer, including a web browser, can gain full access to this port. This means that any website with the appropriate content can send a request on this port and simply disable the VPN, revealing the user's real IP address.
The expert tried to contact AtlasVPN support to report the vulnerability, but did not receive a response. In his opinion, this indicates a negligent attitude of the company to the safety of its customers.
At the time of publication of this news, AtlasVPN representatives have not commented on the situation. All users of the Linux client are advised to exercise caution when visiting unverified sites, or even temporarily change the VPN client until the vulnerability is fixed.
