VPN usage is a 'serious security concern'

(Image credit: Shutterstock.com)
Audio player loading…

New research has suggested that not all VPN solutions are particularly trustworthy. A study (opens in new tab) by cyber threat data provider WhoisXML API looking at 1,540 IP ranges connected to known VPN data centers and service providers found that a number had been associated with malicious activity.

After running all the IP addresses against various blacklists — the Passive Spam Blocklist and the Feodo Tracker Botnet C2 IP Blocklists – WhoisXML API found that 89 of them had previously been cited for malicious activity and were blacklisted as a result.

In addition, by investigating the logs of a small private server, the researchers were also alerted to 904 IP addresses from which apparently malicious and unwanted SSH login attempts were made over a five-day period - 14 of these attempts came from VPN-connected malicious IP addresses.

Choose carefully

Out of the 89 malicious IP addresses found by WhoisXML API, 29 of them were owned by DigitalOcean, a US-based cloud infrastructure provider, which also owned 12 of the 14 IP addresses responsible for SSH login attempts. The fact that a single vendor was found in connection to the majority of suspicious IP addresses suggests that its policies surrounding its VPN services may need to be reinforced.

Increasingly, cyberattackers are using the poor security practices of some VPN providers to conduct illegal activity. Open VPN servers are easily abused, allowing criminals to get away with data theft and other malicious activity.

VPN deployment is increasingly common and while corporate use is well-established, consumer use is often associated with more shady actions – including hiding IP addresses to enable illegal activity. Now, research suggests that such activity comes with risks. Today, VPNs may be used widely but it appears that not all of them should be trusted.

  • We've also highlighted the best VPN (opens in new tab) services

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.