Private routers are also part of the 4 million internet hosts at risk
January 21, 2025 By George Phillips
(Image credit: Westend61 / Getty Images)
VPN servers and private routers are part of over 4 million internet hosts vulnerable to hijack from cybercriminals.
Vulnerabilities in multiple tunneling protocols, including IPIP and GRE, allow attackers to gain access to affected internet hosts, perform anonymous attacks, and gain unauthorized network access.
It doesn't appear as though any servers belonging to the best VPNs have been affected, but the threat to VPN servers worldwide and people's home routers is concerning.
What happened?
The vulnerabilities were discovered by Top10VPN alongside security researcher Mathy Vanhoef. A large-scale internet scan identified 4.26 million open tunneling hosts at risk, which included VPN servers, ISP home routers, mobile network gateways, and core internet routers.
The type of vulnerability concerns tunneling packets. This is when data is moved from one network to another and can be encrypted to hide the nature of the data being moved.
