ExpressVPN, NordVPN and TunnelBear Fix Voracle Vulnerability


In August 2018, security researcher Ahamed Nafeez revealed a new vulnerability in the OpenVPN protocol. He called it “Voracle”, and it can target essentially any VPN connection that uses this protocol. Even though an attacker needs several other elements in place to pull off the attack, three major VPN vendors, NordVPN, ExpressVPN and TunnelBear, were the first to ship the easy fix, a few days after the attack was published. Is this something you should be afraid of as a VPN user?

How Does the Voracle VPN Hack Work

The problem lies in how the OpenVPN protocol, which most major VPNs use, handles data by default: it compresses all data before encrypting it.

If an attacker can add known data to the traffic before it is compressed and encrypted, he is eventually able to recover the encryption key and read the whole conversation between the client and the VPN server.

[Figure] How the Voracle VPN Hack Works (source: Ahamed Nafeez’s presentation)
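The mechanism described above, as an added illustration that is not part of the original post or of any vendor's code: a compressor placed in front of a length-preserving cipher makes the record length depend on whether attacker-supplied bytes repeat something secret in the same record, and turning compression off removes that signal. The HTTP request, cookie value and fixed per-record overhead are constructed for this example.

```python
import zlib

# Constructed sample of what travels through the tunnel: an HTTP request that
# carries a session cookie (the secret) plus a part that a third-party web page
# can influence (here, the URL path). All values are made up for this example.
SECRET_COOKIE = "sessionid=4f9c2d7b1ae0"


def build_request(attacker_controlled: str) -> bytes:
    """Plaintext record as the VPN client would see it before compression."""
    return (
        f"GET /{attacker_controlled} HTTP/1.1\r\n"
        f"Host: example.com\r\n"
        f"Cookie: {SECRET_COOKIE}\r\n\r\n"
    ).encode()


def tunnel_record_length(plaintext: bytes, compression: bool) -> int:
    """Length of the record as it would appear on the wire.

    OpenVPN compresses before encrypting; its ciphers preserve length, so a
    constant per-record overhead (stand-in for IV + HMAC tag) models the
    encryption step. Only the length matters for the oracle.
    """
    body = zlib.compress(plaintext) if compression else plaintext
    overhead = 16 + 20  # constructed stand-in, identical for every record
    return len(body) + overhead


def compression_leaks(guess: str, compression: bool) -> bool:
    """True if record length reveals whether `guess` occurs in the secret.

    A correct guess duplicates bytes already in the record, so the compressor
    replaces them with a short back-reference; a wrong guess of the same
    length adds only new literals. Without compression both records have the
    same length and the comparison carries no information.
    """
    # Filler of equal length with no repeated or matching substrings.
    wrong = "".join(chr(0x41 + i) for i in range(len(guess)))
    right_len = tunnel_record_length(build_request(guess), compression)
    wrong_len = tunnel_record_length(build_request(wrong), compression)
    return right_len < wrong_len


if __name__ == "__main__":
    print("compression on :", compression_leaks("sessionid=4f9c", True))
    print("compression off:", compression_leaks("sessionid=4f9c", False))
```

The vendor fix described later in the post corresponds to the `compression=False` case: with compression disabled, the record length no longer depends on the secret.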

However, several other conditions need to be met for this to work:

  • The attacker needs to be on the same network as the victim
  • The victim needs to use an HTTP connection and visit the attacker’s website
  • The victim can’t be using Google Chrome, which for some reason blocks the attack
  • The victim needs to be using a VPN with the OpenVPN protocol and compression enabled

How to Fix Voracle Vulnerability

As you can guess, the fix on the vendor’s side is quite simple: just disable compression in the OpenVPN protocol. And that’s what NordVPN, ExpressVPN, and TunnelBear all did.

It’s not clear whether disabling compression leads to decreased performance and connection speeds. At this point, we are also not sure how many other VPN vendors have actually fixed this vulnerability. If you are aware of any others, just comment below and we will be happy to update the post.

To learn more about Voracle, check out Ahamed’s presentation “Voracle – Compression Oracle Attacks on VPN Tunnels”, which he gave in August 2018 at the Black Hat conference in Las Vegas.


About the Author

Craig is a big supporter and believer in freedom on the Internet and that's why he is so interested in VPN products. He doesn't have a favorite VPN vendor, because he keeps constantly switching and testing them. Craig's favorite VPN server location is Bhutan.
