Data of 21 Million Users from Free VPN Apps Leaked Online

According to the publication “Kommersant,” citing CyberNews, a database containing information on 21 million users of free VPN apps for Android, popular in Russia, has been put up for sale on the dark web. The database includes not only email addresses, passwords, and usernames from various services, but also data about users’ mobile devices, countries, and premium account payments.

Experts believe that cybercriminals could use this information for phishing and man-in-the-middle attacks. This puts confidential data, including passwords and bank card details, at risk.

The leak concerns users of the apps GeckoVPN, SuperVPN, and ChatVPN. Journalists who reviewed the database noted it is dated February 24, 2021. SuperVPN is among the most popular VPNs for Android, with over 100 million downloads on Google Play. GeckoVPN and ChatVPN have 10 million and 50,000 downloads, respectively. Notably, SuperVPN user data has been leaked before.

The main audience for these apps is residents of countries where internet resources are blocked (primarily Russia, China, and several Middle Eastern countries), according to Ilya Shalenkov, head of the cybersecurity services group at KPMG in Russia and the CIS.

Igor Bederov, founder of the company “Internet-Rozysk,” believes this leak occurred due to “obvious negligence in handling confidential information.” He stated that “the service owners simply did not bother to change the default passwords on their database servers.”

Kirill Solodovnikov, CEO of Infosecurity a Softline Company, added that when using a public VPN, users should understand that in the event of a provider attack or data leak, all their information could be at risk.