Windscribe, a popular VPN based in Canada, has suffered a major security breach. Ukrainian authorities seized Windscribe servers and also obtained Windscribe’s private key, which allows them to decrypt traffic from Windscribe users. Windscribe staff has admitted they failed to properly encrypt their servers and are in the process of updating VPN infrastructure to “follow industry best practices.”
Millions of people around the world use VPN services, trusting that the VPN has taken the proper steps to ensure security. However, in some cases, a VPN will deviate from “industry best practices” — and this can harm and/or put the VPN’s users at risk. Such is the case with Windscribe.
While you may think that a VPN server seizure could be devastating for user privacy, this is not always the case. To understand why, let’s first look at a few previous examples before we closely examine what went wrong with Windscribe.
When servers are secure, server seizures are no big deal
We have been following the VPN space closely for many years and have seen a few cases where authorities have seized VPN servers. If the VPN service has its act together, this should not be a big deal. Here are two such examples that we covered in our no logs VPN article:
- Perfect Privacy, a Switzerland-based VPN, had servers in Rotterdam, Netherlands seized by authorities. Perfect Privacy’s servers were securely encrypted and did not contain any logs, thereby preventing any customer data from being exposed. Additionally, Perfect Privacy runs all servers on RAM memory only, without hard drives. This ensures no user data can ever be stored on any VPN server and nothing is available for anyone who seizes a server.
- ExpressVPN, which is based in the British Virgin Islands, had a similar incident. Authorities in Turkey were investigating a criminal suspect, who they believed also used ExpressVPN. They seized the ExpressVPN server in question, but again, there were no logs or data available. This case verified ExpressVPN’s no-logs claims, and they even went on to follow Perfect Privacy’s lead and converted all servers to run in RAM-disk with no hard drives.
Unfortunately, things did not go so well with Windscribe, prompting a major security overhaul, audit announcement, and more…
Windscribe servers seized, critical data left unencrypted
On July 8th, Yegor Sak, founder of Windscribe, announced on the Windsribe blog that “OpenVPN Security Improvements and Changes” were in the works. The article begins by explaining what is changing and the impact on users. However, it is only when you get further down in the article that we learn why things are changing.
Here is an excerpt from the announcement:
On June 24th 2021 our monitoring systems alerted us that two servers in Ukraine had gone offline. When engaging with our provider for those servers, we were informed that the two servers had been seized as part of an investigation of activity that occurred 12 months prior. The hosting provider failed to inform us of a preliminary hearing that took place earlier this year, during which a judgement was rendered to seize the two servers in question.
It’s interesting to see Windscribe attempt to push blame on the hosting provider, which may have been barred from revealing any information from the court judgment. But we also see why Windscribe is doing this. Had they been notified of the situation, they could have ensured their servers were encrypted and secure.
But that was not the case because Windscribe was not following “industry best practices” — by their founder’s admission.
Reading further, we find this alarming quote:
This announcement is quite revealing because it shows that:
- Windscribe picks and chooses which VPN servers to encrypt and which to remain unencrypted and exposed to random third parties.
- Windscribe does not consider Ukraine to be a sensitive country, despite the ongoing conflict and instability we have seen in the region since 2014.
- This also shows that Windscribe has been operating for many years without basic server security, putting Windscribe users at risk.
How this security breach affects Windscribe users
The biggest issue of this Windscribe security breach is that Ukrainian authorities obtained Windscribe’s private key, which allows them to decrypt VPN traffic under certain conditions. If this happened, they would be able to see what Windscribe users were doing while connected to the Ukrainian server and also collect/log this data.
This once again shows that without proper security, privacy also goes out the window.
Windscribe explained in its blog post that this mistake allows Ukrainian authorities to “impersonate a Windscribe VPN server and capture VPN tunnel traffic running through it” under the right circumstances. And while there are certain conditions that need to be met in order to capture traffic, this incident deals a major blow to Windscribe’s reputation.
Windscribe plans to take “corrective actions”
Windscribe’s blog post also details some corrective actions they plan to take.
We have been working on in-memory based servers for some time, and building out our automation for a new PKI and provisioning infrastructure.
The simple truth is that these safeguards were not in place when the server seizure occurred. This should not have happened and we understand that it hurts the trust you all have placed in us. The plans to upgrade our server stack were deferred in order for us to grow our team and build the foundations that would allow us to execute the planned improvements.
Remember above when we noted that other VPNs (and their customers) have survived server seizures without any issues?
The key factor with both Perfect Privacy and ExpressVPN is that they were running secure, encrypted servers. Additionally, both VPNs have all servers in their network running on RAM memory without hard disks.
These leading VPN services have been doing this for years. In fact, most of our top VPN recommendations secure their servers and run the entire network on RAM memory without hard drives:
- NordVPN: All servers running in RAM, rolling out self-owned (colocated) hardware for all locations.
- Surfshark: All servers running in RAM memory.
- ExpressVPN: One of the first VPN services to implement RAM servers, behind Perfect Privacy.
Windscribe has also announced these additional actions in response to the security incident:
- Wireguard as the primary protocol. (We have covered the pros and cons of WireGuard here.)
- Resilient authentication backend
- New application features
- Security audit
Similar to what we found with RAM servers, we also find many of the same leading VPN services have passed various security audits.
Can Windscribe be trusted?
Many VPNs undergo turbulence, with some rising back strong, while others struggle to ever make a comeback. We noted the same phenomenon in the wake of the recent LimeVPN hack, where a threat actor was able to hack LimeVPN’s backup database and sell all the data on a hacking forum.
There are also cases of breached trust when it comes to logs and privacy. Recall the IPVanish logging case, where they claimed to have “zero logs” while logging user data an FBI investigation. The same thing happened with PureVPN, despite it being on the other side of the world and not subject to US jurisdiction.
A history of unprofessionalism
Is this Windscribe security breach a big surprise?
Not really. As we previously noted in our Windscribe review, the VPN comes across as unprofessional, kind of like a snarky teenager who doesn’t take anyone seriously. For example, below is a screenshot of the Windscribe VPN app. You can see check boxes for errors and problems, with faint grey lettering about how they are “just kidding.”
They are not laughing anymore.
Time will tell how this VPN fares and if it can recover from its mistakes. We have never been enthusiastic about recommending Windscribe. So nothing changes on our end.
There are plenty of other good VPN services to consider using, particularly those that have been implementing “industry best practices” for many years.
Well they can’t be bothered doing (periodic) audits so it shouldn’t come as a surprise.
Another vpn highly recommended by this blog surfshark hasn’t done or published an audit in 3+ years would love to see what they have to say when shit hits the fan.
“surfshark hasn’t done or published an audit in 3+ years”
What? This is false.
Surfshark just passed another audit conducted by Cure53 two months ago (May 2021).
ah well the [url=https://surfshark.com/blog/blog-surfshark-browser-extensions-stand-out-for-their-robust-security-independent-investigation-revealed]post[/url] from their front page link (verified security section) dates from 2018.
i stand corrected it seems this detail just got overlooked.
It’s troubling to read the comments on Windscribe’s Reddit page blaming this site for promoting a few vpns while at the same time dismissing this breach as nothing more as fear mongering. It’s like Trumpism but in the VPN and Reddit community
Sven, you may have written about it before and I just failed to find it, but what exactly was the reason given for the Perfect Privacy server seizure? With ExpressVPN, I know it was something to do with an assassination (or maybe just assassination attempt) of a Turkish official. Rotterdam NL isn’t an “enemy of the internet” like Turkey, so I’m wondering if proper legal procedure was followed.
Hi Matti, I don’t think the reason was ever disclosed.
Windscribe lets me watch anime on Netflix in Japanese with Japanese subtitles by telling Netflix that I’m connecting from Japan, and it does it for $2.00. I don’t use them for other purposes. 100% worth it. 😉
This is spam. Why is it allowed?
Hi Sven,
Another piece of fantastic journalism from RP.
I have some empathy for some organisations who get breached. For example, a not for profit or a small business. On the other hand organisations like Linkedin who operate at scale and are in the tech business have little excuse for security failings (They really annoyed me with their, “not a breach” language).
Windscribe is a tech company, they are in the very business of privacy and security. This is not acceptable.
Take a small business, I am thinking of a mechanic that maintains my car. If they got hacked and my PII got leaked, I would not get upset with them. If they put me on the road in a vehicle that was unsafe I would be furious.
A tech organisation that is not using best security practice is a disgrace.
The only positive I can see is that Windscribe do appear to have been reasonably (my opinion) open and timely in their disclosure.
I don’t believe Windscribe should be hopeful of recovering public trust without a policy that mandates regular independent audits.
Regards,
BoBeX
You are downplaying just how rare the circumstances need to be for a Windscribe user to be affected by this. You say “in rare circumstances” but you don’t say just HOW rare so let me copy this from Windscribe’s blog article regarding the matter:
=====
“The Ukrainian authorities have the hypothetical ability to impersonate a Windscribe OpenVPN server only if all 4 of the following conditions are met:
– The attacker has control over your network and can intercept all communications (privileged position for MITM attack)
– You are using a legacy DNS resolver (legacy DNS traffic is unencrypted and subject to MITM)
– The attacker has the ability to manipulate your unencrypted DNS queries (the DNS entries used to pick an IP address of one of our servers)
– You are NOT using our Windscribe applications (our apps connect via IP and not DNS entries)
The potential impact for the user if all of the above conditions are true:
– An attacker would be able to see unencrypted traffic inside of your VPN tunnel
– Encrypted conversations like HTTPS web traffic or encrypted messaging services would not be affected
– An attacker would be able to see the source and destinations of traffic”
=====
My takeaway from this is that if the Ukrainian authorities are already actively looking for you (ie. you are a wanted criminal) and you are using insecure DNS and non-HTTPS sites, AND you’re not using the actual Windscribe app, then you yes you might be affected until they roll out the patch.
As pointed out in their blog article, the resources required to use this vector of attack are immense and if I were to guess, no one will actually be impacted by this by the time Windscribe implements the patch to prevent this attack from working.
It’s funny that you praise a service like Nord when they had their server hacked and didn’t tell anyone until they were called out for it months later. Windscribe didn’t need to disclose this issue, no one would have even known about it unless they wrote the article. They told all their users about it through emails, in-app notifications, and social media posts for the sake of transparency. I still trust them with my data, and I like the jokes in the installer. The 2 aren’t mutually exclusive.
I correctly pointed out that certain conditions need to be met and then linked to the blog post for the details. Regarding NordVPN, I also covered the issue of the expired TLS certificate, which may have been leaked by an employee and could not be used to decrypt traffic. Big difference. And even then, the implications were even more limited than what happened here with Windscribe leaving servers unencrypted and giving random third parties access to real-time private keys.
Hi Anthony,
What are your thoughts on independent audits and whether this is necessary to ‘trust’ a privacy product?
BoBeX
Quit Windscribe