|Support||Chat & Email|
CyberGhost is a larger VPN service that you’ll often see recommended on various “review” websites. But don’t be fooled by fake reviews that only regurgitate marketing slogans.
Most of these “review” websites ignore the fact that CyberGhost, Private Internet Access, and ZenMate are all owned by the same company, called Kape. Kape is an Israeli business with a history of producing malware and collecting data for profit.
In this new and updated CyberGhost VPN review, I will reveal everything I found out about the company, while also publishing all of our VPN test results.
- User-friendly applications
- Good leak protection features (kill switch)
- Competitive prices
- Live chat support
- Troubling history with the parent company
- Slow to establish connections
- The website uses aggressive tracking
- Broken ad blocker for HTTPS sites
- Connection logs
After covering the pros and cons, we will examine these frequently-asked questions (FAQs) and discuss a few CyberGhost alternatives.
And as with all of my VPN reviews, I begin by thoroughly researching the parent company and the history of the VPN service.
In the case of CyberGhost VPN, this research revealed some very interesting issues, which is where we will start.
Who owns CyberGhost? Kape Technologies (formerly Crossrider)
Officially, CyberGhost operates under the company CyberGhost S.A. in Bucharest, Romania. That being said, there’s an interesting history with the ownership of the company and outside investors.
CyberGhost was previously owned by Robert Knapp – a German tech entrepreneur – and based/operated out of Romania. However, that has all changed since Knapp sold CyberGhost VPN to outside investors.
In 2017, CyberGhost was acquired by an Israeli company called Crossrider for €9.2 million.
Crossrider changed its name to “Kape Technologies” in 2018 – for reasons that we’ll explain below.
Then in October 2018, Kape purchased Zenmate, a Germany VPN provider, for an undisclosed amount. This lines up with the trend we’ve observed of VPNs getting bought up by outside investors.
Now here’s where things get interesting…
Troubling ties: Crossrider, CyberGhost, and malware
Crossrider offers a highly configurable method for its clients to monetize their software. The common method to infect end-users is software bundlers. The installers usually resort to browser hijacking. Targeted browsers are Internet Explorer, Firefox, Chrome, and sometimes Opera. Crossrider not only targets Windows machines but Macs as well.
PUP.Optional.Crossrider installs are typically triggered by bundlers that offer software you might be interested in and combine them with adware or other monetizing methods.
According to Malwarebytes and many other reputable online security websites, Crossrider was hiding malware in software bundlers, which would then infect the user’s computer with “adware or other monetizing methods”.
Now let’s look at an example. This article from 2018 illustrates how Crossrider malware was infecting computers through fake Adobe Flash updates:
A new variant of the Crossrider adware has been spotted that is infecting Macs in a unique way. For the most part, this variant is still quite ordinary, doing some of the same old things that we’ve been seeing for years in Mac adware. However, the use of a configuration profile introduces a unique new method for maintaining persistence.
…This new Crossrider variant doesn’t look like much on the surface. It’s yet another fake Adobe Flash Player installer, looking like the thousands of others we’ve seen over the years….
Is this a company you’d trust to run your VPN service and handle all your internet traffic?
With such a troubling history, it appears that the parent company attempted to distance itself from its own past. In 2018, Crossrider decided to change its name to Kape Technologies.
As the CEO admitted here, the name change was an attempt to distance Kape from shady “past activities”:
The decision to rename the company, explains Erlichman was due to the strong association to the past activities of the company as well as the need to enhance the consumer facing brand for the business.
CyberGhost even hinted at this ironic conflict of interest in their blog post:
While CyberGhost focused on privacy and security from day one, Crossrider started out as a company that distributed browser extensions and developed ad tech products. Quite the opposite of what we did.
This is concerning since a VPN can be a data collection tool in disguise. I discuss this in my Hotspot Shield review, a VPN that was found to be embedding tracking libraries in its VPN apps.
Crossrider describes itself as an “online distribution and digital product company” and appears to be heavily focused on advertising and data collection (the two go hand-in-hand). There isn’t much discussion about Crossrider on the CyberGhost website, other than the Terms and Conditions page.
Reading through the Terms and Conditions, I did find this excerpt:
You understand that CyberGhost undertakes no responsibility for your actions. In case of statutory violations by the user, Crossrider may cooperate with public or private authorities at its sole discretion as provided by law.
This is “lawyer speak” for saying that the parent company can and will cooperate with third parties when it deems necessary.
To summarize these findings:
- Cyberghost started out as a VPN provider based in Romania
- Cyberghost’s owner sold out to an Israeli company called Crossrider in 2017
- Crossrider is known for hiding malware/adware in software bundles to infect users’ computers for data collection and monetization purposes (according to various security experts)
- Crossrider changed its name to “Kape Technologies” in 2018
- Crossrider malware is still a threat and infecting computers, according to different security blogs
This isn’t the first time we’ve seen VPNs and malware discussed together. Malware is often hidden in free VPN services to collect your data, which is then sold by the parent company.
Ultimately, choosing a good VPN all comes down to trust, which is a subjective topic that only you can decide. So now let’s examine the VPN itself.
CyberGhost price and refund policy
The cheapest that you can get CyberGhost for right now is $2.75 per month, but you’ll have to purchase the three-year plan. Monthly plans will be significantly more money at $12.99 per month, as you can see below.
This is on the lower end of the price spectrum, particularly for the longer-duration plans. This makes CyberGhost one of many cheap VPN providers.
The key question with pricing is always value, or what you get for your money. I’d say there are other VPNs that offer more value with certain coupons (see the ExpressVPN coupon for example).
Refund policy – CyberGhost offers two different refund windows, depending on the subscription plan you choose:
- 45 day refund window for all plans that are 6 months or longer.
- 14 day refund window for monthly plans.
This is a pretty good refund policy, and it is apparently “no questions asked” – so they don’t require troubleshooting before the refund is issued. For this review I purchased a one-month subscription via Bitcoin. I’ll update this section if there are any problems with the refund.
CyberGhost VPN apps
CyberGhost offers dedicated VPN apps for:
- Mac OS
Additionally, CyberGhost offers support for Linux, routers, NAS, and Chromebooks. However, without a dedicated Linux app, it’s not the best VPN for Linux you will find.
We’ll take a closer look at the Windows app below to see how it performed in real-world testing.
CyberGhost encryption and VPN servers
CyberGhost currently uses an AES 256-bit cipher with a 4096-bit RSA key and SHA256 for authentication. CyberGhost refers to this as “military grade encryption”, which the VPN industry typically associates with the 256-bit cipher.
According to the CyberGhost website, they offer about 7,000 servers in 90 different countries.
When testing out the CyberGhost VPN apps, I noticed that many servers were overloaded with users. This may explain why speeds were not very good.
In the screenshot below, you can see that many CyberGhost UK servers were overloaded, between 75% to 100% + capacity.
If you need a VPN for the UK, or a UK VPN server, CyberGhost probably isn’t the best choice.
CyberGhost servers in Europe seemed to be more congested than servers in the US.
CyberGhost VPN Windows test results
For this CyberGhost review, I tested out Version 7 of the Windows client. The design and layout were good, but when I first tried installing CyberGhost, I got a persistent error.
After doing some troubleshooting with support I was able to get CyberGhost installed correctly on my Windows test machine.
Below is a screenshot of the CyberGhost Windows client that I tested out for this review. This sits in the bottom-right corner of the Windows desktop, stuck above the tray. (It cannot be moved.)
Clicking the server location will allow you to select a different server. If you click the arrows on the left side of the VPN client, a new window will open up that reveals more servers, settings, and configuration options.
Overall I liked the general design and layout of the client. If it wasn’t for the operational problems identified below, this could be a possible contender for the best VPN for PC.
CyberGhost is slow to establish VPN connections
One problem that I had when testing CyberGhost is that it could be really slow to establish connections. This wasn’t always the case, but in many instances, it could take longer than a minute to establish a connection.
The problems with CyberGhost not connecting seemed to occur randomly.
Changing the VPN protocols did not seem to make much difference. I’m not sure exactly what was causing these issues, and support was not able to help much, either.
CyberGhost leak protection settings and kill switch
On a positive note, the new CyberGhost client offers some good leak protection settings and a functioning kill switch to block VPN traffic if the connection drops. If you are in the CyberGhost Windows client, you can click the arrows on the left side to access the client settings and features.
By default, CyberGhost has the kill switch feature and DNS leak protection options enabled.
I ran some basic VPN tests to check for leaks and everything seemed to be working fine.
Here were the test results with the Windows client (no leaks):
No leaks were identified when running the basic VPN tests.
CyberGhost ad blocking feature
CyberGhost offers an ad-blocking feature, but it does not work well and I would not recommend using it.
Here’s what the CyberGhost ad blocking features look like in the Windows client:
I took a close look at this feature and even tested it out in comparison to other VPN ad blockers. The results were not good. Here’s what I noted about CyberGhost in my guide on different VPN ad blockers:
CyberGhost is an interesting case, but not in a good way. Instead of filtering ads and malicious content via DNS requests, they actually look inside the traffic and modify requests to certain domains so they display content from Cyberghost instead.
This is problematic for a few reasons. First, manipulating traffic is something a trustworthy VPN provider should not do – even with good intentions. Secondly, this only works over http since https connections are encrypted and Cyberghost cannot (easily) access that content.
With the CyberGhost version tested for this article, there is no root certificate being installed. But because they are still using the same methods to filter traffic, that means their “ad blocker” does not effectively work on HTTPS websites. Basically, CyberGhost’s ad blocker is barely working, especially since it will be ineffective on all HTTPS websites.
If you want a good VPN ad blocker, there are some better options to consider. I like Perfect Privacy with the TrackStop filter. Both NordVPN and Surfshark also offer VPN ad blockers.
CyberGhost VPN speed test results
For this updated CyberGhost review, I ran all new speed tests with servers in the US, Canada, and the UK. All tests were conducted on a 500 Mbps baseline connection using the official CyberGhost VPN client.
First I tested servers in the United States. Here was a CyberGhost server in Seattle at 71 Mbps.
This may not be horribly slow, but it is a lot slower than my baseline speed of 500 Mbps. This isn’t a good start to the speed tests.
Next I tested a CyberGhost server in Los Angeles, and the speeds were even worse: 52 Mbps.
The last CyberGhost VPN server I tested was in New York, with speeds about like before: 70 Mbps.
Ok, so we’re not looking good with US servers. But maybe Canada is better?
Indeed, the friendly neighbor to the north does have faster speeds, but not by much. Here was a server in Toronto, Canada at 90 Mbps.
This isn’t the best VPN for Canada in terms of speeds. We haven’t even hit 100 Mbps yet with any CyberGhost server in the US or Canada. Is Europe any better?
Answer: No. For my final CyberGhost VPN speed test, I connected to a server in the UK. The results were dismal at around 1 Mbps.
I’m not sure you can even stream video at speeds like this. Even the Tor network is faster (see the VPN vs Tor tests).
To summarize these tests, CyberGhost is not the fastest VPN we have tested. In fact, it’s far below the industry average. One factor affecting speeds is server loads. And as we noted above, many of CyberGhost’s servers are loaded with users, which can slow down performance for all users.
In our comparison tests, CyberGhost also did not do well. You can see this for example in the CyberGhost vs ExpressVPN comparison.
Invasive tracking measures on the CyberGhost website
Although nearly every VPN service runs Google Analytics to track the effectiveness of their Google ads (which can be very important for acquiring customers), some VPNs go overboard with tracking.
Unfortunately, CyberGhost falls into the second category, and I’ve pointed this out before. Here’s what I found when visiting CyberGhost’s website for this review update: a whole mess of trackers and third-party cookies.
This lines up with previous CyberGhost reviews and trackers I found. Previously, I found them to be utilizing Hotjar session recording scripts. These session recording scripts literally record every interaction you have with the website in a video, which is stored on third-party servers.
To be fair, nearly all VPNs have some basic tracking and analytics on their websites, which usually includes Google Analytics. Running a website without any analytics is basically impossible, because you have no idea what to improve and fix for your readers. Unfortunately, CyberGhost goes a bit overboard here.
Testing out CyberGhost support
For support, CyberGhost offers chat, email, and various guides on their website.
I tested out the chat support and it seemed alright.
The chat representatives were prompt and helpful, although the random slow connection problem did not really get fixed.
CyberGhost offers 24/7 live chat and I was able to connect with a chat representative in under 30 seconds every time I tested it out. I did not test out the email support, but I did find some helpful guides on the website.
Does CyberGhost work for torrenting?
Officially, CyberGhost is a torrenting-friendly VPN service. They are based in Romania, which does not fall under any stringent copyright laws (unlike the United States and DMCA, for example). Many VPNs also restrict torrenting, such as TunnelBear.
Regarding their torrenting policy, CyberGhost explains this on their website:
We also have servers optimized for torrenting ensuring a smooth and seamless torrenting experience.
Torrent through a secure encrypted VPN tunnel and leave any surveillance worries behind. Say goodbye to any throttling from your Internet Service Provider and unblock restricted torrent domains!
Within the CyberGhost VPN client, you can select any of these torrenting servers. That being said, not all servers work with torrenting and P2P traffic:
None of the current P2P technologies are illegal per definition, but we have to block P2P protocols on certain servers, either due to strategic (this is traffic that unnecessary slows down other user’s traffic) or due to legal reasons in countries where we are forced by providers to block torrent traffic, among them USA, Russia, Singapore, Australia and Hongkong (China).
In the list of servers you will find a check mark on P2P/Torrent compatible servers.
This is fairly common in the VPN industry, where VPNs can get kicked out of data centers for too many copyright violations (such as in the US).
Overall, CyberGhost isn’t the worst option, but it’s also not one of the best VPNs for torrenting due to the slow server speeds.
On the homepage, CyberGhost claims to be a “no logs” VPN provider with a “strict no logs policy”.
Here you can see their claims:
But this is not really accurate.
Additionally, when you log in to your account, you can see that the devices you use with CyberGhost are being logged. Here’s a screenshot from my test account, showing that two of my devices are being logged:
Based on this information, it is clear that there are some connection logs being maintained. Many VPNs maintain some basic data to enforce the connection policy. CyberGhost, however, goes so far as to log the devices you use and then save this under your account info — all while claiming to be “no logs”.
If you want to see alternatives, there are some good VPNs with no logs that have been verified in real life.
Does CyberGhost work with Netflix?
CyberGhost has generally not worked well with unblocking Netflix. While they always claim to work with Netflix, many of their streaming servers are blocked and unable to get through to Netflix and other sites.
Here’s a previous example of CyberGhost’s streaming server getting blocked out by Netflix:
With the latest round of tests, however, I found one CyberGhost server to get through to US Netflix. Overall, it seems that CyberGhost is hit or miss with streaming. It’s not the most reliable Netflix VPN, but it does offer some dedicated streaming servers.
Aside from Netflix, CyberGhost does have a few other servers for different streaming channels around the world. For example, they also have a server if you need a VPN for BBC iPlayer.
Does CyberGhost work in China?
Because I am not physically in China, I cannot test VPNs there. Nonetheless, I posed the question to CyberGhost staff.
The answer is clear: CyberGhost does not work in China.
A few years back, Robert Knapp was interviewed by CNN and he voiced frustration with trying to make CyberGhost work in China. It seems they are not even working on that today.
If you are in China or going to China, not to worry. There are still some VPNs that work in China.
CyberGhost Review Conclusion: Not Recommended
Taking everything into consideration, CyberGhost is somewhat of a mixed bag. They offer user-friendly VPN apps with secure encryption, but there are lots of drawbacks to consider before signing up for this VPN.
Here’s what keeps me from recommending CyberGhost VPN to my readers:
- Troubling history with parent company (Kape, formerly Crossrider)
- Slow to establish connections
- The website uses aggressive tracking
- Broken ad blocker for HTTPS sites
- Connection logs
- Does not work well with Netflix, or in China
One recurring theme I stress here at Restore Privacy is that trust is a major factor when it comes to selecting privacy tools. This is because these tools can also be undermining your privacy and security. With the history behind the parent company (Crossrider / Kape) and the issues with root certificates, there are definitely some red flags. Of course, only you can decide which products and services to trust – and this is a subjective decision.
At the end of the day, CyberGhost still has a lot of work to do – and there are some other great alternatives you could instead be using.
Alternatives to CyberGhost VPN
Click the VPN name below to read our full review – or grab the discount for the best savings. All three of these VPNs have a 30 day money-back guarantee.
You can also check out these top-rated VPNs for other recommendations.
If you have used CyberGhost VPN, feel free to share your honest review (good or bad) below.
CyberGhost VPN Review