According to Dhiraj Mishra, the security researcher who discovered this vulnerability, the application will send DNS queries outside the VPN tunnel that has been established. Privacy concerns may be triggered when connecting to random virtual servers, essentially allowing DNS services to record domain names of visited websites by users.
Security loophole found in Kaspersky VPN leading to DNS Lookup leak
Kaspersky's VPN now has over 1 million downloads on the Google Play store. In a blog post, a security researcher stated his belief that this security flaw could potentially leak user traces of those seeking anonymity on the Internet.
The vulnerability was reported to Kaspersky by Dhiraj Mishra through their Bug Bounty program on April 21. Despite the company releasing a patch for this flaw, the researcher mentioned he did not receive any reward for this discovery.
According to the program's rules, rewards are only given to those who discover vulnerabilities that leak sensitive user data, including login passwords, credit card information, and authentication token codes. Dhiraj Mishra's finding regarding the VPN address leakage did not fall within the Bug Bounty program's scope.
In its app description on the Google Play store, Kaspersky states that its VPN software can help users browse the Internet anonymously. User locations and IP addresses are not disclosed through the VPN service, allowing them to easily access geo-blocked websites.
=>How to Fake IP using VPN
However, following Dhiraj's report, Kaspersky Lab confirmed the security vulnerability and released a patch in June. Additionally, the security firm explained that Kaspersky Secure Connection falls outside the Bug Bounty program's scope. According to the program's regulations, security researcher Dhiraj will not receive any monetary reward, but the security firm acknowledged his contributions greatly assisting in improving the app's security.
Overall, Kaspersky remains one of the top antivirus software companies today. To ensure computer safety, users are encouraged to download the Kaspersky AntiVirus tool here and install it. As it's a commercial version, purchasing a license may be necessary depending on the duration.
To provide users with more interface options and ease of use in appropriate conditions, Firefox for iOS adds a Dark Theme interface, aiding in eye protection and reducing strain during long web browsing sessions.