Aapo Oksman

Founder of Juurin Oy


Decrypting NordVPN

VPN systems should help protect your communication from network attackers. However, in this talk we will show how we decrypted NordVPN client applications’ communication, not only to intercept your VPN traffic but also to get access to other devices in your private network.


As we send increasingly sensitive data over untrusted networks, our communication is constantly under attack. Especially while communicating from foreign or hostile jurisdictions, network interception attacks are more the rule than the exception.

Even while browsers and applications try their best to encrypt their communication, they leak metadata and are susceptible to n-day or 0-day vulnerabilities. Encrypting all the communication with a VPN can help mitigate these risks.

Numerous consumer-grade VPN providers have been popping up over the years with promises of ease of use while providing military-grade protection.

In this talk, we will show how NordVPN failed to deliver on this promise. While being easy to use, it unfortunately was also easy to hack. We will decrypt NordVPN's communication through a network interception attack and hack into other devices in your private network.


Aapo Oksman is an entrepreneur and the Founder of Juurin Oy, a cybersecurity company focusing on technical IoT cybersecurity. His background is in electrical engineering, embedded devices, and test automation. Combining his background with a hacking hobby led to a cybersecurity career focusing on industrial IoT.

Bug bounties and security research keep Aapo motivated and learning. His work in cryptography has resulted in multiple CVEs from vendors like Microsoft, Apple, and Samsung. Outside work and research, Aapo's passion is in the community. He organizes local security meetups and coaches the Finnish national youth CTF team in the yearly European Cybersecurity Challenge competition.