Gandalf_The_Grey
Thread author
Free VPN software left more than 18GB of connection logs accessible to the public. Threat actors could exploit the database to identify and even locate its users.
The Cybernews team discovered an open database containing 18.5GB of connection logs generated by the BeanVPN app.
The dataset contained over 25 million records, including user device and Play Service IDs, internet protocol addresses (IPs), and connection timestamps, among other diagnostic information.
"The information found in this database could be used to de-anonymize BeanVPN's users and find their approximate location using geo-IP databases. The Play Service ID could also be used to find out the user's email address that they are signed in to their device with," said Aras Nazarovas, Cybernews security researcher.
The ElasticSearch instance our team discovered during a routine checkup is now closed. Cybernews repeatedly reached out to BeanVPN developer company IMSOFT for a comment but had not received a reply at the time of writing.