VPN Articles and News

Critical Security Flaw Leaks Real IP Address Of VPN Users

Sunday, April 26th, 2015

Virtual Private Networks have now become the de-facto method to preserve privacy on the internet. However, a newly discovered security flaw in WebRTC (Web Real Time Communication), a set of APIs that allows browsers and mobile applications to communicate with one another without relying on internal or external plugins; now threatens to undermine the privacy of VPN users. The critical flaw makes it extremely easy for the web service providers to see the real IP address of users even when if are using a VPN to obfuscate their personal details.

What Is WebRTC Flaw?

WebRTC flaw is a browser based security loophole which exposes real IP addresses of VPN users by exploiting a vulnerability in STUN (Session Traversal Utilities for NAT) servers. STUN servers are used by many VPN providers to translate IP addresses of their users to one of their own. These servers rely on NAT (Network Address Translation) to do the translation work plus they also ensure that VPN users don’t have to face any kind of data loss due to change of IP address.

To ensure correct IP address translation, STUN servers keep a record of real and assigned IP addresses in a tabular form. The WebRTC flaw allows web service providers to view the public (assigned by the VPN provider) as well as real IP address of users just by firing a simple query against this table. A few lines of code is all it takes to exploit the flaw and defeat the very purpose of using a VPN.

Although the WebRTC Flaw is a serious vulnerability, it is not found on all systems or browsers. So far, the flaw has been found to affect Firefox and Chrome browsers on Windows and FreeBSD operating systems. However, it is too early to declare that the vulnerability cannot be exploited on other systems. Many VPN providers, including TorGuard and Private Internet Access, have warned their users about the flaw as well as outlined the steps needed to prevent IP leakage.

How To Check If Your System Is Affected By The WebRTC Flaw?

It is pretty simple to check for the WebRTC vulnerability. First of all, you would need to check your real IP address by visiting a site like http://www.whatismyip.com (Disconnect your VPN connection before checking your IP). Make a note of your actual IP address and then enable your VPN connection. Clear the cache and cookies and check your new IP address by visiting the above site once again. After making a note of your new IP, visit the following website: https://diafygi.github.io/webrtc-ips/

If you can see both your real and assigned IP addresses then your system is affected by the vulnerability. However, if you see just the IP address assigned by your VPN provider then there is no IP leak from your system.

How To Fix WebRTC vulnerability

In order to fix the vulnerability, you would need to install a script blocking plugin on your browser. Security experts have recommended the following plugins in order to fix the flaw:

Firefox Browser
NoScript plugin – https://addons.mozilla.org/en-us/firefox/addon/noscript/

Chrome Browser

ScriptSafe plugin – https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf?hl=en
WebRTC Block plugin – https://chrome.google.com/webstore/detail/webrtc-block/nphkkbaidamjmhfanlpblblcadhfbkdm?hl=en

In case of Firefox, you can also type “about:config” in the address bar and then change the “media.peerconnection.enabled” value to “false” to patch the vulnerability.

Alternatively, it is also possible to prevent IP leakage by configuring your VPN connection on a router. Since the WebRTC flaw affects the browsers, there is no way web service providers can detect your real IP when you have enabled VPN tunneling at the router level.

April 26, 2015

Leave a Reply

Your email address will not be published. Required fields are marked *

0 + 4 =