Researchers at VPNpro, a company that specializes in analyzing and comparing VPN services, analyzed the 20 most popular VPNs to see which of them allow attackers to intercept communications and push fake updates.
The analysis revealed that PrivateVPN and Betternet VPNs were vulnerable to attacks. Both vendors were notified in mid-February 2020 and they have released patches that should prevent any future attacks.
The research has discovered that vulnerabilities in the PC apps of two of the top 20 VPNs, PrivateVPN and Betternet, can allow hackers to intercept its communications and force the apps to download a fake update. The app may automatically apply the fake update, or send the user a notification to update the app.
You can read the full report here – https://vpnpro.com/blog/privatevpn-betternet-vulnerabilities/