Users have been put on alert after it was discovered some of the world’s most popular VPN’s could be linking their private data.
A new report claim that 7 out of 17 VPN’s have been found to be leaking data via their Google Chrome extensions.
According to John Mason from TheBestVPN and an ethical hacker known as Cure53 who goes by the Twitter handle of File Descriptor, the Chrome extensions are leaking DNS data of VPN users.
DNS or Domain Name System serves as the ‘phone book of the internet’ and makes it possible for users to view websites by translating the IP address to a particular domain.
When a DNS leak occurs it means that an internet service provider or other third party may be able see what websites the user has been visiting.
In a post revealing his findings, Mason wrote: “Google Chrome has a feature called DNS Prefetching which is an attempt to resolve domain names before a user tries to follow a link.
“It’s a solution to reduce latency delays of DNS resolution time by predicting what websites a user will most likely visit next by pre-resolving the domains of those websites.
“Now, the issue is that DNS Prefetching continues to function when pac_script mode is used”, he explained.
“Since HTTPS proxy does not support proxying DNS requests and Chrome does not support DNS over SOCKS protocol, all prefetched DNS requests will go through the system DNS.
“This essentially introduces DNS leak.”
According the report the seven VPN’s leaking DNS data are:
1. Hola VPN
2. Touch VPN
4. Dot VPN
5. Hoxx VPN
6. Ivacy VPN
7. Opera VPN
Hola VPN and Touch VPN are some of the most popular VPN’s going. Hola boasts 8.7 million users, while Touch VPN has 2 million. Betternet also has around 1.4 million users.
Mason added that the VPN companies had been informed of the issue and are working on a fix.
Meanwhile, the VPN’s found not to be leaking data are:
7. HotSpot Shield
8. VPN Unlimited
9. Avira Phantom VPN
10.Private Internet Access