Hackers have claimed to have cracked the admin credentials of i2VPN, a popular VPN service provider. This breach has granted them access to the main admin dashboard of i2VPN, exposing sensitive information belonging to hundreds of thousands of users.
The hackers shared the VPN service’s dashboard URL, and admin’s credentials (e-mail address and password) on an Arabic-speaking hacker channel together with the message “حالا هی برید VPN های ناامن رایگان نصب کنید,” which, based on a web-translation, reads as “Now go install a free, unsecure VPN service.” They also included screenshots of what appears to be the backend of the dashboard, showing data centers and users’ subscription panels and revealing some user information.
According to statistics from Google Play, as of May 2023, i2VPN has been downloaded over 500,000 times. The app is also available for iOS devices though the exact number of downloads from the App Store is not publicly available.
It’s conceivable — but not definitively known — that each of the estimated 500,000 downloads from the Google Play Store (as well as each iOS download) correlates with an individual user account potentially impacted by this alleged breach. In other words, the purported data leak could potentially affect at least half a million individuals.
The information exposed in the screenshots shared included:
- User IDs
- User account names
- Registered email addresses
- Details relating to premium subscriptions, including subscription payment methods and expiry dates
Hackers could use the information above to spy on users’ activities and commit fraud.
Below is a breakdown of the data exposed in the breach:
| Where and when was the leak posted? | Telegram, on May 29, 2023 |
|---|---|
| Who posted it? | Unnamed hackers in an Arabic-speaking Telegram channel |
| Company affected | i2VPN |
| Size of the exposure | Potentially 500,000+ users accounts; Data centers |
| Number of affected users | Potentially 500,000+ |
Hackers can potentially use i2VPN’s exposed admin credentials to access personal information or find a backdoor to monitor users’ browsing activities.
Potential Impacts
Cyberattackers could also use the exposed account information for phishing attempts, using the registered names and email addresses to impersonate individuals or lure them into divulging sensitive personal information.
If you have an i2VPN account or subscription, consider the following steps to enhance your security, especially if you’ve noticed unusual activity in relation to your account.
- Consider whether you wish to continue using the service in light of these reported concerns.
- Consider reviewing accounts, platforms, and websites you accessed while connected to the VPN service and take measures to safeguard them, such as changing user credentials.
- Consider scanning your device for sensitive files or communication and immediately transfer or remove them to protect against further compromise.
(via SafetyDetectives)
