In other posts over the past year, according to Banana analysis, cybercrime forum users have recommended Big Mama or shared suggestions about configurations people should use. In April this year, security company Cisco Talos Said It also saw traffic from other proxies, as well as the Big Mama proxy, being used by attackers trying to force their way into various company systems.
mixed messages
There are little details on Big Mama's website about its ownership or leadership. The company's terms of service state that a business called BigMama SRL is registered in Romania, although a previous version of website from 2022And Now at least one live pageLists a legal address for BigMama LLC in Wyoming. The US-based business was dissolved in April and is now listed as inactive, according to the Wyoming Secretary of State's website.
A person using the name Alex A. responded to an email from WIRED about how Big Mama works. In the email, they say that the connection information for free users being sold to third parties through the Big Mama network has been “repeated multiple times in the app market and within the application” and that people must accept the terms to use it. VPN. They say that Big Mama VPN is officially available only on Google Play Store.
“We do not advertise and have never advertised our services on the forums you mention,” the email said, adding that it was not aware of Talos' April findings. Its network is being used as part of a cyber attack. “We block spam, DDoS, SSH as well as local networks, etc. We log user activity to cooperate with law enforcement agencies,” the email said.
Alex A. Personality asked WIRED to send more details about ads on cybercrime forums, details about the Talos findings and information about teens using Big Mama on Oculus devices, adding that they would like to answer further questions. Will be “happy” to answer. However, they did not respond to any emails with additional details about the research findings and questions about their security measures, whether they believe there is any use of Big Mama for posting on cyber crime forums. Was assuming the form, the identity of Alex A, or who runs the company.
During its analysis, Trend Micro's Hilt says the company also found a security vulnerability within Big Mama VPN that, if exploited, could have allowed a proxy user to access someone's local network. The company says it reported the defect to Big Mama, who fixed it within a week, as confirmed in detail by Alex A.
Ultimately, Hilt says, there are potential risks whenever someone downloads and uses a free VPN. “All free VPNs come with solutions to privacy or security concerns,” he says. This applies to those who are side-loading them onto their VR headset. “If you are downloading applications from the Internet that are not from the official store, there is always the inherent risk that it is not what you think. And this is true with Oculus devices as well.