Novel attack against virtually all VPN apps neuters their entire purpose
Ars Technica
|
Contributed by: Drex DeFord
Summary
Researchers have uncovered a critical vulnerability in almost all virtual private network (VPN) applications called TunnelVision, which compromises the core function of VPNs by routing some or all traffic outside of the encrypted tunnel, potentially exposing user data to interception or alteration. This attack exploits the DHCP option 121 to reroute traffic through an attacker-controlled server instead of the VPN's encrypted tunnel, affecting users on all operating systems except for Android, which is not susceptible due to its lack of implementation of option 121. Despite various mitigation strategies suggested, such as running the VPN in a virtual machine or utilizing a cellular device's Wi-Fi for internet connection, the researchers from Leviathan Security indicate that no full-proof solution exists for other operating systems, highlighting a significant security gap in current VPN technologies.