In other posts over the past year, according to Kela’s analysis, users on the cybercrime forum recommended Big Mama or shared tips on which settings people should use. In April of this year, security company Cisco Talos saying had seen traffic from Big Mama Proxy, along with other proxy servers, being used by attackers attempting to brute force their way into a variety of company systems.
Mixed messages
Big Mama has few details about its ownership or leadership on its website. The company’s terms of service say that a company called BigMama SRL is registered in Romania, although an older version of its website from 2022and at least one page active nowlists a legal address for BigMama LLC in Wyoming. The U.S.-based company was dissolved in April and is now listed as inactive, according to the Wyoming Secretary of State’s website.
A person using the name Alex A responded to an email from WIRED about how Big Mama operates. In the email, they say that information about users’ free hookups being sold to third parties through Big Mama Network is “duplicated in the app marketplace and in the app itself multiple times,” and people have to accept the terms and conditions for use. the VPN. They say that Big Mama VPN is only officially available on the Google Play Store.
“We do not advertise and have never advertised our services on the forums you have mentioned,” the email says. They say they were unaware of Talos’ April findings about its network being used as part of a cyberattack. “We block spam, DDOS, SSH, as well as the local network, etc. We log user activity to cooperate with authorities,” the email says.
Alex A’s character asked WIRED to send him more details about the postings on cybercrime forums, details about the Talos findings, and information about teens using Big Mama on Oculus devices, saying they would be “happy” to respond further. questions. However, they did not respond to further emails with additional details about the investigation’s findings and questions about their security measures, whether they believed someone was impersonating Big Mama to post on cybercrime forums, the identity of Alex A or who runs the company.
During his analysis, Trend Micro’s Hilt says the company also found a security vulnerability within Big Mama VPN, which could have allowed a proxy user to access someone’s local network if it had been exploited. The company says it reported the bug to Big Mama, who fixed it within a week, a detail confirmed by Alex A.
Ultimately, Hilt says, there are potential risks every time someone downloads and uses a free VPN. “All free VPNs come with a balance between privacy and security issues,” he says. This applies to people who load them into their virtual reality headsets. “If you download apps from the Internet that are not from official stores, there is always the inherent risk that it is not what you think. And that is true even with Oculus devices.”