June 9, 2023

NordVPN Hacked due to Expired Private Keys

Nord, a virtual private network provider has confirmed that it was hacked. After a tweet from Nord VPN invited the wrath of the infosec, it was discovered that they had breach which was finally acknowledged by Nord VPN.


Nord VPN Twitter
Nord VPN Twitter

After a security researcher named as undefined posted about the expired private keys by Nord which were leaked and was exploited at some point in time, Nord VPN admitted to the flaw that was known to them for a long time and made some tweets acknowledging the mistake.

NordVPN usually changes the server each user is connected to every five minutes or so, but that users get to pick which country they are connecting through. That means users likely would have only been impacted for intermittent periods. The breach also could have only impacted users who were connecting through Finland, which is where the breached server was located.

Nord VPN
Nord VPN

Nord has also said that information taken from the server couldn’t have been used to decrypt traffic on any other server. It acknowledges that a stolen encryption key, which is now expired, could have been used to perform a man-in-the-middle attack, with the hacker disguising themselves as a NordVPN server. But NordVPN says such an attack would have to be personalized and complicated and apply to a single person at a time.

Nord has also issued a statement that they have cut ties with the company that maintained the flawed server after this incident came to light.

Leave a Reply

Your email address will not be published. Required fields are marked *