Word of warning...latest CyberGhost update has DNS leak
Note: I’m not here to trash a PIA competitor, but want to spread the word about what I consider a serious security issue that should be checked on any VPN.
I had been using CyberGhost VPN for the last few years. When I connect to the internet through any VPN I always check that the visible IP address is the one provided by the VPN and that others can only see the server DNS provided by the VPN (ie. no DNS leaks). I do these checks on dnsleaktest.com. A couple of days ago CyberGhost updated their app from CyberGhost 6 to Cyberghost 7. I installed the updated application and proceeded to connect to the internet through CyberGhost 7. When I checked the IP and DNS on dnsleaktest.com, the IP was fine but to my shock not only the CyberGhost server's DNS was visible but also my own internet provider! If you use a VPN, you are concerned about privacy when surfing the internet. If your internet provider's DNS is easily tracked, then so is your web browsing.
I contacted CyberGhost about this security flaw. Unfortunately, their response was to blame my browser, saying that I hadn't cleared the cache and hadn't set the privacy settings properly. This was BS! I did clear the Firefox cache and had settings to no tracking and no saving browsing history, I still had the older version of CyberGhost on my PC and when I connected to the internet through this previous version everything was fine: only CyberGhost IPs and DNS servers showed up when I did the DNS leak test. I told the CyberGhost CSR this a couple of days ago and am still awaiting a response. In the mean time, if you are concerned about privacy when surfing the internet or downloading torrents I would advise against using CyberGhost VPN or at least do not use the latest update...and always, always when using a VPN double check that the IP and DNS are only the ones provided by the VPN.
I had been using CyberGhost VPN for the last few years. When I connect to the internet through any VPN I always check that the visible IP address is the one provided by the VPN and that others can only see the server DNS provided by the VPN (ie. no DNS leaks). I do these checks on dnsleaktest.com. A couple of days ago CyberGhost updated their app from CyberGhost 6 to Cyberghost 7. I installed the updated application and proceeded to connect to the internet through CyberGhost 7. When I checked the IP and DNS on dnsleaktest.com, the IP was fine but to my shock not only the CyberGhost server's DNS was visible but also my own internet provider! If you use a VPN, you are concerned about privacy when surfing the internet. If your internet provider's DNS is easily tracked, then so is your web browsing.
I contacted CyberGhost about this security flaw. Unfortunately, their response was to blame my browser, saying that I hadn't cleared the cache and hadn't set the privacy settings properly. This was BS! I did clear the Firefox cache and had settings to no tracking and no saving browsing history, I still had the older version of CyberGhost on my PC and when I connected to the internet through this previous version everything was fine: only CyberGhost IPs and DNS servers showed up when I did the DNS leak test. I told the CyberGhost CSR this a couple of days ago and am still awaiting a response. In the mean time, if you are concerned about privacy when surfing the internet or downloading torrents I would advise against using CyberGhost VPN or at least do not use the latest update...and always, always when using a VPN double check that the IP and DNS are only the ones provided by the VPN.
Comments