Categories: Digital IDLaws and regulationsSecurity

Proxy.sh – Can you trust your VPN provider? Maybe …

Proxy.sh VPN service with no-logging policy announced to have sniffed the traffic of US based server to Catch Hackers. Can we trust the VPN service?

Proxy.sh is considered one of most reliable VPN service with no-logging policy, its staff declares to provide any citizen all around the world the ability to protect their online privacy. Is is true? Are we sure that a VPN provider isn’t interested to our traffic?

VPN are considered one of the bulwarks for user’s privacy, quality VPN service sends the data through an encrypted tunnel to a secure server, hiding sensitive information from potential prying eyes.

Web portal torrentfreak.com published the news that Proxy.sh VPN Provider Sniffed Server Traffic to Catch Hacker also proposed by The Hacker News security portal.

Proxy.sh as shocked its customers with an announcement on an uncomfortable truth:

“We are unfortunate to announce that there have been abuses complaints about hacking activities on our U.S. Illinois 1 node. We have been saddened to learn that these actions were harmful to individuals (human beings). As a result, we will open this node again and monitor it with Wireshark for a period of 7 days.

The Proxy.shVPN provider admitted that they sniffed the traffic on one of its node located in the United States with unique intent to catch an alleged hacker.

According the revelation of the VPN provider its security team has installed Wireshark to track suspect traffic, but it was not necessary because the hackers apologized for the problems.

“We have decided to install a monitor on our Illinois 1 node so as to locate the hacker. A few hours after we announced this move to our public, the hacker came to us to apologize. We then completely removed the Wireshark installation.”

It would appear that Proxy.sh received a complaint from someone who claimed it was being harassed by a user of the VPN provider.

In the Internet there is no specific references to any legal process, law enforcement operation or court order that could have induced Proxy.sh to sniff users’ traffic, it seems in fact that Proxy.sh has operated without the influence of external entities.

“If you are the hacker, please stop your activities and leave our network. You are not welcome here. Our heaven is reserved for those who are not harmful to other human beings. If you do not leave, we will find you and report your activities to NGO and press officers. For all others, the heaven is still safe for you, dear ones. We will completely remove Wireshark after 7 days and restart the node so that everything is erased (RAM-switch). All other nodes are left unaffected by these actions. Update: Wireshark has now been removed/wiped.“

The event raised once again the debate on privacy protection offered by VPN services, in reality many services track numerous connection parameters including IP addresses, connection times and dates, others even analyze types of traffic routed through their networks.

Proxy.sh public revealed its sniffing activity with this advisory:

“This situation shows that we are actually really not logging anything and that we will always tell our members when we have to log one of our nodes or our entire network, either for maintenance and small internal affairs such as this.”

providing the following justification:

“We will only intervene into our traffic when we believe there have been activities infringing our ethical terms – that is when activities harmful to human beings (not corporations or entities) are taking place on our network. In such case, we do not privilege law enforcement agencies but rather communication, transparency and assistance from NGOs.”“

The principal question of whether or not a VPN provider is able to spy on the traffic, and if yes under which conditions this behavior is accepted by the users?

So how does the user know if he can trust his provider?

Sincerely user has no choice, he can only trust the answers they provided on privacy issues, I always suggest to carefully read the VPN service you sign up with, despite I’m conscious that there are no privacy guarantees.

I could be useful to promote the constitution for an independent foundation to do regular audits security and privacy issues of VPN providers …would be an important step forward!

Pierluigi Paganini

(Security Affairs – Proxy.sh, privacy, VPN)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.