Recent reports confirmed that many VPN tools actually leak your IP address to third-party entities. We recently came across a new security report that suggest things are even worse when it comes to Chrome VPN extensions.
As a matter of fact, a whooping 70% of all the tested extensions leak your DNS.
Security researcher John Mason and ethical hacker File Descriptor tested 15 VPN services and found out that 10 of them actually leak your DNS through their browser extensions.
As John Mason explains, Chrome uses DNS Prefetching to reduce website loading latency by predicting what websites you’re going to visit.
Chrome provides users with two modes to set up proxy connections after installing a VPN extension: fixed_servers and pac_script.
The majority of VPN extensions use the pac-script mode. However, this mode allows dynamic HTTPS/SOCKS proxy server host changes. Up to a certain point, this is a good thing as it optimizes the VPN connection depending on what websites users choose to visit.
So, if you use your extension to play games, the script will select a proxy server that’s optimized for playing games.
However, this behavior leaves users vulnerable to DNS leaking. Certain webpage might force visitors to leak DNS requests.
In other words, when you type a website address in the address bar, the suggested URL is actually DNS prefetched. This means that ISPs can then collect this information about the websites that you often visit even if you use a VPN extension.
The list of VPN extensions affected by DNS leaks includes: Hola VPN, TunnelBear, Betternet, Ivacy VPN, DotVPN and more.
You can mitigate this DNS leak problem by disabling the predictive service from Chrome‘s Settings.
In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network. Install now Cyberghost VPN with a 50% discount and secure your computer. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.
DNS leaks may severely affect your online privacy and security. To keep your DNS protected, you can also use these additional security measures:
- How to use DNS server 220.127.116.11 on your Windows 10 computer
- Keep your DNS protected from malware with DNS Lock