If you have used this free VPN, sorry, your data has been leaked

Using a VPN is recommended if we want to browse the Internet more safely. The problem is that not every VPN is a good choice: depending on which one you use, the end result can be even worse. That is what has happened with a free VPN that has leaked the data of more than a million users, demonstrating a double problem: that it collected the data, and that it did not protect it properly.

The leaked database was discovered by researchers at WizCase, and contains data on around a million users of Quickfox, a free VPN whose main use is to access Chinese websites from outside China. Among the leaked data are names, phone numbers and much more information.

The server was not protected

The data was openly accessible to anyone, with no username or password required, and it was not encrypted either. WizCase tried to contact Quickfox, but the VPN service has not responded.

According to WizCase, the fault lay in a misconfigured ELK server. ELK is the acronym for Elasticsearch, Logstash and Kibana, three open source tools that are used to speed up searches in large databases, such as Quickfox's service logs. Access restrictions were configured correctly for Kibana, but not for the Elasticsearch server. Therefore, anyone with the address could access it and extract the sensitive information.

In total there are 500 million records occupying 100 GB. Among the data, in addition to names and phone numbers, there are emails and passwords. The passwords are not stored in plain text, but they are protected only with an MD5 hash, which can be easily cracked with today's cracking tools and the power of modern graphics cards.

More than a million users affected

In addition, the data included not only the IP addresses assigned to the users; their real IP addresses were also recorded, something very serious for a VPN service. Information was also collected about the other software installed on the device from which the VPN was accessed. For example, in the case of a PC, the path where each program was installed, its installation date, and its version were saved.

This type of information is normally collected as diagnostic data, for example in case of an incompatibility. Microsoft usually uses such data to determine whether any programs are causing problems. However, Quickfox has no reason to do so beyond spying, as its terms and conditions of use did not specify that it collects this information.

The data that appears was collected between June and September 2021. Therefore, if you have used this VPN service in that period, your data is now in the hands of hackers. The personal information database affects one million people, while the software location database affects “only” 300,000.

This data can now be used to carry out phishing attacks impersonating Quickfox itself, or phishing attacks on other services, especially if you reused the password on other websites.