Researchers have discovered the vulnerability of most Linux distributions and * NIX devices that allow hackers to hijack VPN connections and inject malicious data into TCP streams.
Security researchers have found vulnerabilities in most Linux distributions and operating systems such as Linux, FreeBSD, OpenBSD, macOS, iOS and Android.
How It Works
According to published reports, because of Linux vulnerabilities, attackers can determine “whether users are connected using VPN, make positive conclusions about the websites they visit and determine the correct order and recognition number.”
Because of this, dangerous points allow fraudsters to hijack active links in VPN tunnels. This operation works against OpenVPN, WireGuard, and IKEv2 / IPSec, but the Bad Breakpointing team at the University of New Mexico says the VPN technology used is not a problem.
By counting packets sent and checking their size, the team can determine which packages are sent through encrypted VPN tunnels, regardless of the type of VPN used.
Reach of attack
Although the bug was exploited by all Linux distributors, researchers found that the attack did not work on Linux distributions until the release of Ubuntu 19.10
The researchers also found that Linux distributions that use a back-filtering system version that switched from strict mode to loose mode and released after November 28 were also vulnerable.
According to the report, the reduction is possible by back filtering, dummy filtering or changes to encrypted packets to reach the same dimensions.