NordVPN said that the attacker was able to nab the Transport Layer
Security key used to verify a site is actually run by NordVPN. TorGuard
said that it manages its certificate authority keys in such a way that the
keys are not stored directly on the server. Both companies said that they
were previously aware of the intrusion on their servers and had already
taken steps to mitigate future attacks. TorGuard VPN disclosed the
attack shortly after it was made aware of it. NordVPN did not publicly
disclose the issue until October st.

I’ll note that I have been made aware of an ongoing legal case between
NordVPN and TorGuard VPN that is connected to these breaches. We
generally do not look at private legal complaints as part of our reviews,
and that is the case here.

It’s clear the attacker had privileged access that should not have been
available to anyone. The information that was obtained in the attack is
very valuable, but both NordVPN and TorGuard said that the
information would have been difficult to use in practice.

Here’s how PCMag reporter Michael Kan characterized a potential
attack:
“Stealing [NordVPN’s] TLS key did open the door for what’s called
a ‘man-in-the-middle attack,’ which can expose your traffic,
unencrypted, to the hacker. But pulling off such a scheme wouldn’t
be easy. It would require the creation of a dummy NordVPN client,
and then tricking a user into installing it, which ultimately would
have only victimized one computer.”

In an email to me, NordVPN downplayed the potential for attacks this
way:
“Essentially, the attack would require quite extraordinary access to
the user’s network or device for it to be possible. Such an attack, in
theory, could be performed by a malicious or compromised ISP, a
malicious Wi-Fi network, an intrusive Wi-Fi network admin (like a
university or office network), or a hacker who already has access to
your device.”

Max Eddy