A year or so ago, a user on a well-known cybercriminal forum posted a database of user credentials and device data stolen from three different Android VPN services for sale: SuperVPN, GeckoVPN and ChatVPN
Well, this database that was sold last year (or was trying to be sold), has now been published on Telegram for free.
10GB of VPN user data
According to VPNMentor researchers, the leaked logs comprised 10GB of data and exposed 21 million unique logs. The information included the following
- Complete names
- country names
- Randomly generated password strings
- billing details
- Subscription status and validity period
One of the relevant data is that 99.5% of email addresses were Gmail accounts, and this is too high a percentage for what usually happens normally. One reason this percentage of users is so high may be that whoever shared the database only shared a subset of the data and not the entire database.
GeckoVPN, SuperVPN and ChatVPN are free VPNs for Android and are proof that cheap can be expensive.