Researchers have found a vulnerability on most Linux distros and *NIX devices which allow hackers to hijack the VPN connections and inject malicious data into the TCP stream.
The security researchers found the vulnerability in most Linux distributions and operating systems such as Linux, FreeBSD, OpenBSD, macOS, iOS, and Android.
How does it work?
According to the published report, the Linux vulnerability enables attackers to determine “if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgment numbers in use”
Therefore, the malicious point enables crooks to hijack active connections inside the VPN tunnel. The exploit works against OpenVPN, WireGuard, and IKEv2/IPSec, however, the team from Breakpointing Bad, University of New Mexico, says that the VPN technology used does not matter.
By counting the packets sent and examining their size, the team managed to determine what packets are sent through the encrypted VPN tunnel, regardless of the kind of VPN used.
Reach of attack
While the flaw was exploitable on all the Linux distros, researchers noted that the attack didn’t work on any Linux distribution until the release of Ubuntu 19.10
Researchers also found Linux distributions that use systemd versions that come with Reverse Path filtering switched from Strict mode to Loose mode, released post-November 28th are also vulnerable.
According to the report, mitigation is possible by turning reverse path filtering on, by using bogon filtering or making changes to the encrypted packets in order to make them of the same size.
