More
4

4 comments

[–] [Deleted] 3 points (+3|-0)

Translation

NordVPN was hacked

The VPN provider NordVPN apparently had an incident some time ago when an attacker had access to the servers and private keys. Three private keys appeared on the network, one of which belonged to an expired HTTPS certificate.

Several cryptographic keys and information about NordVPN configuration files have appeared in a leak. One of the keys matches an older NordVPN website certificate.

The leak has surfaced in an online discussion. In a now-deleted tweet, NordVPN wrote: "Nobody can steal your online life (if you use a VPN)." In response, someone sent a link to a text file containing evidence of a VPN provider hack.

RSA key leaked to website certificate

It seems to be a log file of the console. An attacker had access to a NordVPN server. Shown are various configuration files of the software OpenVPN as well as certificates and three private RSA keys. Two of the keys belong to the OpenVPN configuration, one belongs to a website certificate.

That the key actually belongs to the certificate, Golem.de could check and confirm. So at least this part is not a fake. The certificate is a wildcard certificate for the NordVPN domain, which is outdated. It expired in October 2018. This may indicate that the hack happened a long time ago, but of course it could also be that the attacker stole the key of an outdated certificate.
[–] [Deleted] 0 points (+0|-0)

Why, this seems historical?
[–] xyzzy [OP] 0 points (+0|-0)

How so?
[–] [Deleted] 0 points (+0|-0)

The VPN provider NordVPN apparently had an incident some time ago when an attacker had access to the servers and private keys. Three private keys appeared on the network, one of which belonged to an expired HTTPS certificate.
©2016-2022 Phuks LLC. All Rights Reserved.
ToS | Privacy | Changelog | Canary | Donate | Bugs | License
Served by c7693d2284ae