Click to Skip Ad
Closing in...

Security flaw can expose your real IP address when using a VPN

Published Nov 27th, 2015 6:15PM EST

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Virtual private networks (VPNs) are supposed to help users protect their online privacy. VPN services obfuscate the user’s real IP address by routing traffic through other international servers. There are plenty of online companies who offer free or paid access to VPN subscriptions that many users rely on to avoid geofences (read: access Netflix U.S. content from anywhere in the world), download pirated content or just to simply mask their online activity to enhance privacy protection.

However, a discovery has revealed that VPN services aren’t as secure as you’d think, as a huge security flaw can apparently expose the real IP address of their users.

DON’T MISS: 15 best online Black Friday sales that are live right now

VPN provider Perfect Privacy discovered the security issue, Torrent Freak reports, which is described “a simple port forwarding trick.”

As long as an attacker and a regular VPN user employ the same service, the trick can be exploited. The IP address of the victim can be discovered by forwarding traffic on a particular port.

From the sounds of it, the attacker has to know what he or she is doing to actually hunt down a target’s IP address. In other words, this isn’t a security issue that regular VPN users can take advantage of by themselves. Crucially, the attacker has to trick the user into clicking on certain content for the trick to work.

“Affected are VPN providers that offer port forwarding and have no protection against this specific attack,” Perfect Privacy said, and the flaw affects all VPN protocols across any operating system.

Some VPN providers have already taken action to patch the security issue, and it’s likely that others will also fix the problem in future updates.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.