From VPNta: After Twitter Slowdown, New Russian Data Leaks Possible
Free circumvention apps collect sensitive information but do little to protect it
Because Twitter has been slowed down in Russia, VPN services that help restore full access to the social network may grow in popularity, according to information security experts interviewed by Izvestia. This carries the risk of new leaks of citizens' personal data, the experts warned. Many free VPN providers collect huge databases on their users but do not always manage to keep them secure, experts say. From time to time, advertisements for the sale of such data sets appear on the darknet. They may include search history, email addresses, usernames and passwords, and information on payments made.
Due to the refusal of the social network to remove prohibited content on March 10, Roskomnadzor began to slow down its work in the Russian Federation
On March 10, Roskomnadzor slowed down the Twitter microblogging service in Russia on all mobile devices and by 50% on stationary devices. The restrictions affected only the download of images and videos, and did not affect the transfer of text content. The agency explained its decision by the fact that Twitter repeatedly ignored the requirements to remove materials prohibited for distribution in the Russian Federation: child pornography, drug propaganda, and calls for suicide.
Twitter users felt the consequences of the restrictions the same day. For some, the download speed of media files dropped critically.
- Most likely, active users of this social network will look for opportunities for its further use. Therefore, the popularity of VPN services will surely grow, - says Andrey Biryukov, technical director of InfoWatch group of companies.
VPN (Virtual Private Network) services allow you to change the actual IP address (device identifier in a computer network). Some Russians used the same tool to bypass Telegram blocking.
Anastasia Barinova, deputy head of the Group-IB computer forensics laboratory for training, does not exclude a surge in the popularity of VPN services.
However, it is difficult to unequivocally predict such a trend until Twitter is completely blocked, said Diana Selekhina, chief analyst at Infosecurity a Softline Company, a digital threat detection service. Probably, part of the audience will continue to use the social network in the format available now, since these people only need to read the content, she suggested.
Many free VPN services collect confidential information about users, experts interviewed by Izvestia say. This includes data such as search history, email addresses, logins and passwords, and information on payments made, said Ekaterina Kilyusheva, head of the information security analytics department at Positive Technologies.
- The application can collect data from the user's device. For example, information about installed programs. Request access to contacts, microphone, camera, location. Individual applications may even ask the user to enter billing information, the expert said.
It is quite costly to maintain a VPN service, so companies that provide the service for free may try to make money on users by selling anonymized statistics and confidential data, said Ekaterina Kilyusheva. Evgeny Voloshin, director of the block of expert services at BI.ZONE, agrees with her.
- Such services, of course, should be treated with caution. Often their monetization schemes are very dubious, and some do not hesitate to sell very sensitive data. Users should understand that all information that passes in the clear through a VPN provider can get to third parties, - said the specialist.
Lovers of "freebies" can seriously pay for their carelessness
Most often, free VPN operators sell information about websites visited by customers to third parties (for example, advertisers), added Ashot Hovhannisyan, founder of DLBI data leak intelligence service.
Flow like a river
In addition, the developers of these utilities do not always manage to store the collected data properly, experts say. The larger the service, the higher the likelihood of a leak, some experts say.
- Such leaks occur at least once a quarter. Free VPN operators are "poor" companies with no way to invest in cyber security. But they use a large volume of server infrastructure all over the world and really do not have time to monitor it, - said Ashot Hovhannisyan.
One such leak happened at the end of February, BI.ZONE recalled. Databases of the Android services GeckoVPN, SuperVPN and ChatVPN ended up on the darknet.
- 1 million accounts leaked, including email addresses, encrypted passwords and country information. The seller offered all this data for $1,000, - said Evgeny Voloshin.
However, data traders do not have much interest in VPN leaks, added Ashot Hovhannisyan. Most of the databases are handed out for free or sold for symbolic money, which indicates a lack of ideas for their monetization, he suggested. On the other hand, the data leaked in February is quite suitable, for example, for phishing emails, other experts say.