Background Description:
As most organizations have adopted working from home (WFH) as part of their Business Continuity Planning (BCP) initiatives, implementing a VPN is one way to obtain a secure connection over the internet.
Cybercriminals are now actively searching for vulnerabilities in the remote-working tools and VPN software that more people are relying on for WFH. SuperVPN has more than 100 million installations but was removed from the Google Play Store on 7 April 2020 because it might expose users to multiple vulnerabilities, leaving millions of users at risk.
Impact:
- Allows hackers to intercept communications between the user and the provider.
- SuperVPN contains vulnerabilities that open the door to man-in-the-middle (MITM) attacks.
- The app allows sensitive data to be delivered over insecure HTTP. While the information passed between the user and the back end is encrypted, the decryption keys are stored within the app itself, making them an easy target for hackers.
- Allows hackers to view users' activity and redirect them to a malicious server, where personal or financial data could be captured.
Recommendation:
- Immediately uninstall/delete the application to minimize the risk of being attacked.
- Keep the operating system and antivirus software up to date.