• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • February 28th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Surveillance

Hotspot Shield VPN accused of redirecting user traffic to advertisers

August 9th, 2017 Waqas Security, Privacy, Surveillance, Technology News 0 comments
Hotspot Shield VPN accused of redirecting user traffic to advertisers
Share on FacebookShare on Twitter

A renowned privacy group Center for Democracy & Technology (CDT) has accused Hotspot Shield VPN developed by AnchorFree, Inc. of violating user privacy by intercepting web traffic, keeping activity logs and redirecting it to third-party websites especially advertising companies.

In a 14-page filing, the group has accused the company of utilizing “unfair and deceptive trade practices” despite stating that it does not sell, track or log user data. CDT has asked FTC (Federal Trade Commission) to investigate the matter.

According to one of the accusations, “Hotspot Shield engages in logging practices around user connection data, beyond troubleshooting technical issues” by using a user’s location and IP addresses to “improve the service, or optimize advertisements displayed through the service.”

The group has also accused the company of forcing javascript and ad codes into browsers of its customers whenever they use Hotspot Shield. “The VPN has been found to be actively injecting JavaScript codes using iframes for advertising and tracking purposes.”

In a statement, Michelle De Mooy, Director of CDT’s Privacy & Data Project said that “Hotspot Shield tells customers that their privacy and security are ‘guaranteed, ‘ but their actual practices starkly contradict this. “They are sharing sensitive information with third party advertisers and exposing users’ data to leaks or outside attacks.”

“While insisting that it does not make money from selling customer data,26 Hotspot Shield promises to connect advertisers to unique users that are frequent visitors of travel, retail, business, and finance websites.27 Moreover, these entities have access to IP addresses and device identifiers collected via Hotspot Shield.

[…]

Even if Hotspot Shield only provides “hashed” or “proxy” IP addresses to these partners, third parties can also link information about web-viewing habits while using the Hotspot Shield by cross-referencing cookies, identifiers, or other information,” according to page 7 of the filing.

The group discovered these privacy flaws after teaming up with researchers at Carnegie Mellon University who noted that “When a user connects through the VPN to access specific commercial web domains, including major online retailers like target.com and macys.com, the application can intercept and redirect HTTP requests to partner websites that include online advertising companies.”

[fullsquaread][/fullsquaread]

In a blog spot from April 2017, Chris San Filippo of Hotspot Shield wrote that the company is against ISPs selling user web history to third parties. “Internet service providers (ISPs) being able to sell user web history to third parties, to advertisers possibly bombarding users with ads, the looming elimination of the FCC’s privacy rules can lead to privacy and anonymity anxiety for a lot of users in the US.”

However, CDT’s filing accuses the company of doing exactly what it kept on opposing publically. In an email conversation with ZDNet, David Gorodyansky, CEO of AnchorFree said he does not agree with the filling.

“We strongly believe in online consumer privacy. “This means that the information Hotspot Shield users provide to us is never associated with their online activities when they are using Hotspot Shield, we do not store user IP addresses and protect user personally identifiable information from both third parties and from ourselves.”

Previously, CDT accused smart toys “My Friend Cayla and I-Que” of spying on users and sending conversation and other data back to the company’s server. In their filing, the group stated that these dolls are violating the Children’s Online Privacy Protection Act (COPPA) as well as the FTC rules.

After a few months, Germany banned the My Friend Cayla doll citing that it can listen to the conversations of kids and apart from responding in real-time to them, it also conducts surveillance.

As far the Hotspot Shield VPN, it will be interesting to see what FTC has to say about the issue since only its Android app has been downloaded by 50,000,000 – 100,000,000 users. But meanwhile remember, next time if someone tells you “There is no such thing as a free lunch,” simply believe them.

  • Tags
  • internet
  • Privacy
  • security
  • Surveillance
  • Technology
  • Tor
  • VPN
Facebook Twitter LinkedIn Pinterest
Previous article IsraBye Anti-Israeli wiper malware locks data that can't be restored
Next article Overwatch DOWN as Blizzard servers facing technical problems
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Microsoft release open-source CodeQL queries to hunt SolarWinds hacks

Microsoft release open-source CodeQL queries to hunt SolarWinds hacks

Hackers using malicious Firefox extension to phish Gmail credentials

Hackers using malicious Firefox extension to phish Gmail credentials

Apple Glass may feature 3D Audio and Self-Cleaning in new patent

Apple Glass may feature 3D Audio and Self-Cleaning in new patent

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Microsoft release open-source CodeQL queries to hunt SolarWinds hacks
Microsoft

Microsoft release open-source CodeQL queries to hunt SolarWinds hacks

Hackers using malicious Firefox extension to phish Gmail credentials
Security

Hackers using malicious Firefox extension to phish Gmail credentials

Apple Glass may feature 3D Audio and Self-Cleaning in new patent
Technology News

Apple Glass may feature 3D Audio and Self-Cleaning in new patent

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us