Can a VPN Be Hacked? Understanding VPN Vulnerabilities and Protection

A virtual private network (VPN) is the best way to keep your online activities private and secure. Unfortunately, all of that protection is useless if the VPN can be easily hacked.

At a Glance

A virtual private network (VPN) is arguably the best way to keep your internet activities private and secure. Unfortunately, if you’re not using a reliable VPN provider or if you’re using an older connection protocol, your VPN connection could be hacked.

Hackers look for weaknesses wherever they can find them, even in a VPN’s apps or infrastructure. VPN apps and systems are like any other software or operating system: there are always flaws. Most VPN providers will immediately spring into action when a security or privacy hole is discovered, but some flaws will remain unpatched.

In this article, I’ll discuss the types of security flaws hackers look for, the things you may be doing that could allow a bad actor to hack your VPN, and the things you can do to guard against having your VPN hacked.

How Can a VPN Be Hacked?

There are several ways for bad actors to hack a VPN. Here are some of the flaws that hackers commonly look for when targeting a VPN:

Outdated VPN Connection Protocols

VPN connection protocols are sets of instructions that define how data and traffic are securely routed between your connected device and the VPN’s servers. If the protocol you use is outdated or not properly secured, your VPN connection could be vulnerable to hackers.

Always make sure to use secure protocols, such as OpenVPN, WireGuard, NordVPN’s NordLynx, or ExpressVPN’s Lightway. These protocols have no known vulnerabilities and as such, are considered secure.

Now for the insecure protocols. These are mostly ancient (in computer years) protocols developed several years ago, and they have known security vulnerabilities that have not been fixed. These protocols include PPTP, SSTP, and L2TP. While these protocols have well-known security issues, some VPN providers still offer them.

Weak Encryption

A VPN uses encryption to turn the data being sent to and received by your device into ciphertext. Ideally, this makes it impossible for someone to read the information that is being sent and received.

However, the security of the encryption depends on the type of cipher used and the length of the encryption key. Anything less than strong encryption is unacceptable. AES-256 is used in several modern protocols, including OpenVPN, NordLynx, and Lightway. Meanwhile, ChaCha20 provides secure encryption for the WireGuard protocol.

Always make sure the VPN provider you’re considering uses these encryption algorithms. Otherwise, you’re leaving your connection open to being monitored.
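One way to check this yourself when a provider hands you an OpenVPN profile (.ovpn file), as an added example that is not part of the original article: the script below lists the data-channel ciphers a profile requests and marks any that are not among the ones named above (AES-256, ChaCha20). The sample profile and the hostname in it are constructed; a cipher that is not on the list is flagged for review, not declared broken.

```python
import re

# Ciphers named in the article: AES-256 and ChaCha20 (OpenVPN spellings).
ON_LIST = re.compile(r"^(AES-256-(GCM|CBC)|CHACHA20-POLY1305)$", re.I)
# OpenVPN directives that select the data-channel cipher.
CIPHER_DIRECTIVES = {"cipher", "data-ciphers", "data-ciphers-fallback", "ncp-ciphers"}

def audit_profile(text):
    """Return (findings, verdict); findings are (line, directive, cipher, on_list)."""
    findings, in_inline = [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        # '#' and ';' both start a comment in an OpenVPN profile.
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        if line.startswith("</"):      # end of an inline <ca>/<cert>/<key> block
            in_inline = False
            continue
        if line.startswith("<"):       # start of an inline block: skip its body
            in_inline = True
            continue
        if in_inline:
            continue
        parts = line.split()
        if parts[0] in CIPHER_DIRECTIVES and len(parts) > 1:
            for name in parts[1].split(":"):   # data-ciphers is colon-separated
                findings.append((lineno, parts[0], name, bool(ON_LIST.match(name))))
    if not findings:
        verdict = "unspecified"        # cipher then depends on OpenVPN's defaults
    elif all(ok for *_, ok in findings):
        verdict = "ok"
    else:
        verdict = "review"
    return findings, verdict

# Constructed sample profile (not from any real provider).
SAMPLE = """\
client
dev tun
proto udp
remote vpn.example.net 1194
; cipher DES-CBC
cipher BF-CBC  # constructed legacy setting
data-ciphers AES-256-GCM:CHACHA20-POLY1305:AES-128-GCM
<ca>
cipher NOT-A-DIRECTIVE
</ca>
"""

if __name__ == "__main__":
    findings, verdict = audit_profile(SAMPLE)
    for lineno, directive, name, ok in findings:
        print(f"line {lineno}: {directive} {name} -> {'on list' if ok else 'REVIEW'}")
    print("verdict:", verdict)
```

A verdict of "unspecified" means the profile sets no cipher at all, so what gets negotiated depends on the OpenVPN versions at each end.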

Server Vulnerabilities

Bad actors will sometimes not target the encrypted connection between the VPN user and the VPN server. Instead, they will target the VPN provider and its servers. Hackers target servers that are configured weakly, with insecure login requirements or improper security configurations.

It’s not unusual to hear of oppressive governments or even thieves attempting to confiscate servers, allowing them to directly access user activity data. Luckily, premium VPN providers have begun running their servers 100% from volatile RAM. No data is ever written to a physical hard drive or SSD on these servers. This ensures that if the servers are rebooted, shut down, or even unplugged and taken away, all data on the servers will be immediately erased.

Unfortunately, while the number of VPNs using diskless servers is growing, there are still several VPNs that store user data on hard drives and many of them do not properly configure the servers, meaning they are vulnerable to bad actors and government types (some would say there is no difference between the two).

To keep your personal and usage data safe, confirm that any VPN you’re considering has a secure server infrastructure.

If you must use a VPN that uses standard hard drives or SSDs to store information, make sure the VPN keeps as little information as possible. Look for a VPN that follows a strict no-logs-ever policy, so no data is ever kept of your online activities, leaving little information for bad actors to steal if they access the server or for government-types to confiscate.

What Happens If/When Your VPN Gets Hacked?

When a VPN gets hacked, it means that bad actors can gain access to your personal information and your internet activity. A hack can also make you vulnerable to a Man-in-the-Middle (MITM) attack, resulting in financial fraud, identity theft, malware infections, and more.

Some of the things that can happen if a hacker compromises your VPN include:

  • Data theft: Hackers love stealing information from their victims. Even if they only steal logs related to your online travels, they can sell that info to advertisers who want to target ads, or sell it to other bad actors who will use the info to perform phishing attacks.
  • Fraud: If your VPN is hacked, bad guys may gain access to your personal and financial information, including your banking and credit card information. This information can be used to steal your identity, drain your bank accounts, take out fraudulent loans in your name, and more.
  • Malware and virus infections: While hacking your VPN doesn’t directly leave you open to having malware and viruses installed on your device, it does leave you more vulnerable to MITM and other types of redirection attacks, which can lead to malware being installed after you are redirected to an infected website.

What Do I Do If My VPN Has Been Hacked?

Finding out your VPN has been hacked is not a good time. But don’t feel defeated, as there are several things you can do to help minimize the damage:

  • Uninstall your VPN app from all of your devices and restart each device.
  • Run malware and virus scans on your devices.
  • Change the password on each and every account you have.
  • Keep an eye out for fraudulent activity on all of your accounts, especially bank accounts and credit accounts.
  • Scan your device for any apps or browser extensions that you did not personally install. If you see an app or extension you don’t remember installing, uninstall it. If it turns out that you need it, you can reinstall it later on.
  • Subscribe to a reputable and secure VPN provider.

How to Choose a Reputable and Secure VPN Provider

There is no way to guarantee that the VPN you subscribe to will never be hacked in the future. Even premium providers like NordVPN have been hit with data breaches. However, there are several VPN features that you can consider to ensure that your VPN of choice is providing the best possible security against being hacked.

Secure VPN Connection Protocols and Encryption

Make sure your VPN of choice offers secure connection protocols like OpenVPN and WireGuard. The protocols use the AES-256 and ChaCha20 encryption algorithms, respectively. The protocols provide reliable, secure connections.

You can also trust providers’ proprietary protocols, as long as they use secure encryption. ExpressVPN’s Lightway and NordVPN’s NordLynx both fall into this category.

Always make sure the VPN provider you’re considering doesn’t use outdated and insecure protocols like SSTP or PPTP.

Audits

Look for VPNs that undergo independent security audits performed by reputable auditing firms. Audits allow providers to discover and fix any possible hacking threats before hackers discover them. VPNs generally make their audit reports public, allowing users to confirm that the VPN service is truly secure and private.

Make Sure The Provider Owns Their VPN Servers

This may sound a bit odd. Don’t all VPN providers own their servers? No. It’s quite expensive to set up servers in each country a provider serves, so some VPN providers lease their servers, meaning a third party actually owns them and then rents server space to a VPN provider. Leasing is cheaper than owning servers, at least initially.

If a provider is leasing its servers, no matter how secure they make their VPN servers, they are vulnerable if the company leasing them to the VPN provider hasn’t taken the proper security measures.

The NordVPN server hack I mentioned above was due to a leased server, which had an unprotected remote management interface set up by the server’s owner. Bad actors used the remote management interface to gain control of the server, which was based in Finland. This was back in 2019, and NordVPN reacted properly, moving its entire server network to an owned-and-operated model, so they now own and control their servers, taking the third-party operator out of the loop.

No Activity Logs, Ever

Any VPN worth your consideration should never keep any logs connected to your online travels. Give bonus points to providers that have had third-party security audits performed on their systems. If no data about your online activities is available, there is not much for bad actors to steal, even if they do manage to hack your VPN provider’s systems.

Servers Run Solely From Volatile RAM

Hackers have been known to target a VPN provider’s servers. Look for VPN providers that run their servers solely from volatile RAM. Running a server from RAM means no information is ever written to a hard drive or SSD. This ensures that all data is completely and securely wiped when a server is rebooted or shut down, or even if it is stolen from a VPN’s server rack!

Kill Switch Protection

Even the most reliable VPN service can occasionally have connection issues. If you’re hiding your online antics by using a VPN, your online travels could be exposed if your VPN connection drops. Make sure your VPN provider offers kill switch protection to guard against this.

A kill switch feature will shut down your internet connection if you lose your VPN connection. While this isn’t direct protection against being hacked, a kill switch prevents your online travels from being accidentally exposed if your VPN has an issue. Even if your VPN offers kill switch protection, the feature can usually be toggled on or off in the VPN app. Make sure it is always toggled to the “ON” position.

Can Free VPNs Be Hacked?

As I mentioned previously, VPNs can be hacked. Free VPNs are even more likely to be hacked. This is because some free VPNs still use outdated connection protocols, such as L2TP or PPTP, making them more vulnerable to data leaks and hacking attempts. Free VPNs simply do not have the budget for establishing and maintaining a secure VPN infrastructure.

Free VPNs are also known to keep logs of their users’ online activities. They keep logs so they can sell them to advertisers and other nosy types. The presence of these logs also makes free VPNs more vulnerable to being hacked. Plus, freebie VPNs cannot afford luxuries like running diskless servers. This means that data is being written to a physical storage device, and that data can be hijacked from the servers.

Are There Additional Steps I Can Take to Avoid Being Hacked?

Use the Tor Browser With a VPN

Yes, you can take additional steps to keep you from being hacked. In addition to using a VPN, you can also use the Tor browser. By first connecting to a VPN then firing up your Tor browser and using that to browse the web in place of Chrome or another popular browser, you can double up on your encrypted protection, as Tor traffic is also encrypted and uses multiple nodes to route your browser traffic.

If a hacker is attempting a man-in-the-middle attack on your VPN connection, the Tor network’s encrypted protection keeps your data protected. Meanwhile, if your Tor network connection is compromised and someone attempts to trace your traffic back to your IP address, the buck will stop at your VPN provider. As long as your VPN doesn’t keep logs, the trail goes dead there too.

Choose a Reliable VPN Provider

When deciding on a VPN provider, stick with the better-known, more established VPN providers that have been investigated and reviewed by reputable websites, like Pixel Privacy.

NordVPN

Apps Available:

  • PC
  • Mac
  • iOS
  • Android
  • Linux

Website:  www.NordVPN.com

Money-back guarantee: 30 DAYS

My top VPN is NordVPN. Yes, NordVPN has faced hacks in the past. However, the provider has also taken steps to prevent any future hacks.

NordVPN provides top-notch connection protections, including banking-grade encryption, kill switch protection, and IP/DNS leak prevention.

The provider’s well-protected connections are also blazingly-fast, meaning you’ll be able to enjoy streaming, gaming, and other online pastimes without worrying whether your connection will be throttled or that you’ll face data caps.

NordVPN also offers excellent native app support for most popular device platforms. The provider also offers comprehensive customer support.

Surfshark

Apps Available:

  • PC
  • Mac
  • iOS
  • Android
  • Linux
  • FireTV

Website:  www.Surfshark.com

Money-back guarantee: 30 DAYS

Surfshark is my top budget-priced VPN, offering top-notch VPN protection at a budget-friendly price.

Surfshark also provides comprehensive online protection for several connected devices. The company’s support team is always there when you need them.

In Closing

As we’ve seen, even a top-notch VPN provider can be hacked. Luckily, hacks of quality VPNs are few and far between. By ensuring your VPN is up to snuff and being sure to configure your VPN app properly, you can avoid having your VPN connection hacked.

VPN Hacking FAQs

Can Hackers See My Online Activities When I Use a VPN?

No, hackers cannot see what you’re doing online when you use a VPN. Even if they’re able to monitor your network, they can’t see your activities as a VPN encases your connection in a tunnel of protection. Much like a highway or a train tunnel, observers know there is traffic passing through the tunnel but they can’t tell who or what is passing through it.

Is There Anything a VPN Will Not Protect Me From?

A VPN does not protect you if you click on malicious links or download infected files. However, some VPN providers do offer blocking of malicious websites, as well as malware protection. In addition to using a VPN, be sure to run malware and virus protection on your connected devices.
