Security researcher: 23% of tested VPNs leak users’ IPs

WebRTC bug

Security researcher Paolo Stagno’s test showed that 23% of the VPNs tested are still affected by a WebRTC bug disclosed in January 2015 and leak the customer’s real IP.

WebRTC is an open source solution that provides real-time communication capabilities for browsers and mobile applications. It is enabled by default in modern browsers such as Brave, Firefox, Chrome, Opera, and Vivaldi (in Tor Browser it is disabled by default).

WebRTC's STUN requests are made outside of the normal XMLHttpRequest procedure, so they are not visible in the developer console and cannot be blocked by plugins such as AdBlockPlus or Ghostery. This makes these requests usable for online tracking and for de-anonymizing and tracing users behind common privacy protection services such as VPNs, SOCKS proxies, HTTP proxies and (in the past) Tor.

Paolo Stagno published a spreadsheet and recorded about 200 IP leaks for VPN and proxy services (many records were provided by users). The researcher also released a PoC that lets users check for IP leaks. His stopgap measure is to disable WebRTC and JavaScript.
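
For readers who want to check their own setup, the following added example (not the researcher's PoC and not code from the original article) audits ICE candidate lines copied from a browser's WebRTC diagnostics and flags any address other than the VPN's expected egress IP. The function names, the sample candidates and the egress address are constructed for illustration.

```javascript
// Constructed sample: ICE candidate lines as a browser's WebRTC diagnostics list them.
// Addresses come from private and documentation ranges; none belong to a real user.
const SAMPLE_CANDIDATES = [
  "candidate:1 1 udp 2122260223 192.168.1.23 54321 typ host",
  "candidate:2 1 udp 2122194687 3f2a9c1e-7b4d-4e8a-9c11-5d2e6f7a8b90.local 54322 typ host",
  "candidate:3 1 udp 1686052607 203.0.113.45 54321 typ srflx raddr 192.168.1.23 rport 54321",
  "candidate:4 1 udp 1686052351 198.51.100.7 61000 typ srflx raddr 10.8.0.2 rport 61000",
];

// Candidate layout: foundation component transport priority address port "typ" type ...
function parseCandidate(line) {
  const f = line.trim().replace(/^a=/, "").split(/\s+/);
  if (f.length < 8 || !f[0].startsWith("candidate:") || f[6] !== "typ") return null;
  return { transport: f[2].toLowerCase(), address: f[4], port: Number(f[5]), type: f[7] };
}

// Classify the address a candidate exposes.
function addressKind(addr) {
  if (addr.endsWith(".local")) return "mdns"; // obfuscated host candidate, no IP revealed
  if (addr.includes(":")) {
    if (addr === "::1") return "local";
    // Link-local (fe80::/10) and unique-local (fc00::/7) IPv6 are not routable publicly.
    return /^(fe[89ab]|f[cd])/i.test(addr) ? "private" : "public";
  }
  const m = addr.match(/^(\d+)\.(\d+)\.(\d+)\.(\d+)$/);
  if (!m) return "unknown";
  const a = Number(m[1]), b = Number(m[2]);
  if (a === 10 || (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168)) return "private";
  if (a === 127 || (a === 169 && b === 254)) return "local";
  return "public";
}

// Report what the candidates reveal, given the address the VPN is expected to present.
function auditCandidates(lines, vpnEgressIp) {
  const findings = [];
  for (const line of lines) {
    const c = parseCandidate(line);
    if (!c) continue; // skip malformed lines
    const kind = addressKind(c.address);
    let verdict = "ok";
    if (kind === "public") verdict = c.address === vpnEgressIp ? "ok" : "leak";
    else if (kind === "private") verdict = "lan-exposed";
    findings.push({ address: c.address, type: c.type, kind, verdict });
  }
  return findings;
}

const report = auditCandidates(SAMPLE_CANDIDATES, "198.51.100.7");
console.log(report.filter((f) => f.verdict !== "ok"));
```

A `leak` verdict means a public address other than the VPN's egress IP was gathered, which is the condition the article describes; `lan-exposed` means only a private LAN address was revealed.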