How safe is your VPN

20 Apr 2020

Working from home during the global pandemic has allowed the nations of the world to keep their economies limping along while they search for a fix, but it has come with a price.  Many remote workers’ home offices are utilizing Virtual Private Networks, or VPNs, to to log in, but they lack the level of cyber security at their work office, and hackers are cashing in.
Why VPNs?
A VPN allows employees to create a secure connection to their office’s network over the Internet; as such, VPN usage has sky-rocketed across the world.  In fact, NordVPN has stated that use of their services has gone up, globally, by a whopping 165%.
If VPNs create a secure connection to remote office networks, then how in the world are they being exploited by cybercriminals?  By utilizing phishing sites.
  • Fake “Nord VPN” site
    • Fake Domain: nordfreevpn[.]com
    • What happens?  An employee thinks they’re installing a VPN from the REAL Nord VPN, but in actuality, they’re installing “Grand Stealer” malware that can then steal various, potentially dangerous items:
      • Desktop files
      • User credentials and cryptocurrency wallets
      • Browser profiles, including credit card info and auto-fill data
      • Gecko credentials
      • FTP & RDP credentials
      • Telegram sessions
      • Discord software data
  • Fake “VPN4Test” site
    • Fake Domain: vpn4test[.]net
    • What happens? The victim thinks they’re testing their VPN, but they actually end up downloading “Azorult Infostealer” instead.  In addition to downloading other malware onto the system (specifically Masad stealer and Parasite RAT), “Azorult Infostealer” creates a bot ID on the compromised device, which it uses to communicate with its C2 server in order to steal:
      • Saved passwords
      • Cryptocurrency wallet
      • Browser login credentials & history
      • Cookies
      • Chat sessions
In addition to these methods, cyber criminals will actually create fake reviews to trick users into believing that it’s real.  Not only does it make it look more credible, but it also uses algorithms against the App stores by getting them ranked higher, so it comes up in searches.  In fact, just last week, Google booted a hostile Android VPN app called “SuperVPN” that had been downloaded over 100 million times!!

Keeping your business safe

Bottom line, if you download a VPN, it has a LOT of power.  It might be tempting to save money by downloading a free
service, but remember… You get what you pay for.  This isn’t something you want to skimp on because it could end up costing you so much more.
And of course, you can always contact us if you have any questions!

Schedule an Appointment

Schedule an Appointment

    Our clients are awesome!

    Based on 55 reviews.
    Jeremy Richards
    Jeremy Richards
    2020-03-13
    Petronella provides great advanced digital marketing and automation solutions for my business!
    Kate Swenson
    Kate Swenson
    2020-02-14
    Highly recommended for CMMC certification assistance! Excellent and affordable options for secure data hosting on local infrastructure. 5 stars!
    Tom Matzen
    Tom Matzen
    2020-01-25
    Petronella Technology Group helped us setup our sales and marketing automation, cybersecurity and compliance for our new Blockchain startup. Great to work with! Craig in particular really knows his stuff, can translate into non-tech speak, and has wisdom beyond his years. Highly recommend them.
    Justin Summers
    Justin Summers
    2020-01-14
    Craig is awesome! He is very professional and efficient with his work. I would definitely recommend Petronella Technology to anyone who needs state of the art service.
    Blake Rea
    Blake Rea
    2020-01-14
    Craig is an expert in his field. Impressed by his knowledge, A true pioneer in Cybersecurity. My business is safer thanks to Petronella Tech!
    Robert Friedman
    Robert Friedman
    2020-01-10
    For the last five years Craig has been the Contributing Editor for Cybersecurity for NC Triangle Attorney Law Magazine which I publish. His base of knowledge is always leading edge, pragmatic and early to understand for our readers who are not techies. He is patient and easy to work with.
    Tammy Everett
    Tammy Everett
    2020-01-10
    Craig Petronella, CEO of Petronella Technology Group provided the members of the Defense Alliance of North Carolina expert advice on cybersecurity and NIST compliance. Eye opening experience! Thanks so much!
    Julie Brown
    Julie Brown
    2020-01-09
    Craig and the Petronella Technology Group, Inc. team made HIPAA compliance for my small practice so simple and easy! They helped me with all of my HIPAA training, HIPAA Security Risk Assessment, Penetration Test, and HIPAA secure hosting so I can rest easy.
    Pivot Point
    Pivot Point
    2020-01-03
    Petronella Technology Group helped us with our marketing strategy for our new web startup. Awesome experience!!!!
    Richard Brunet
    Richard Brunet
    2019-12-30

    SCHEDULE AN APPOINTMENT

    Make It Happen Now

    CLIENT SUPPORT

    Don't Feel Stranded

    CONSULTATION

    Get Best Advice

    PAYMENTS

    Make A Payment

    Top