VPNs Using Fake Server Locations

The rise of cyber-attacks, surveillance crackdown, and hacking have prompted users to incorporate VPN for their respective devices. Moreover, a VPN is useful for concealing one’s identity in the world of the Internet with granting secure connection. However, people choose VPN service for internet anonymity, the preference for VPN is commonly on the basis of worldwide server locations.

Having VPN servers worldwide makes it easier for the users to choose the desired connection. In fact, it allows the internet users to connect a VPN server that isn’t located on distance from the actual location.

What if the server you are connecting is of ‘Malta’ but it is actually located somewhere else in ‘Germany’. Or for instance,  you are connecting to ‘Saudi Arabia’ server which is operating from the ‘United States’. This is true, and some well-known VPN providers are doing these tactics which are known as location spoofing.

How do Fake VPN Servers affect you?

A fake VPN server can affect you in several ways. For instance, if the server is located far away from where you were to connect, it will negatively impact on your internet performance. A server located on a huge distance will give you higher pings compared to in closer proximity ones.

There’s a chance that the server which you are connected is the one you wanted to avoid.  Also, having virtual locations breaks the trust of users. They expect real servers from the VPN providers for their purposes and when the VPN provider misleads or false markets their abundance of servers, it eventually damages the reputation of the VPN industry.

Testing procedure

Although VPN providers have specified the difference between virtual and physical server, still, VPN servers have been known to spoof the location. For this, networking-testing tools were used to find the actual location of the VPN server as these tools allowed the server to be accurately located and verify it.

  • CA App Synthetic Monitor ping test: This tool pings the server URL from 90 different worldwide locations. The location with lower time (ms) indicates the proximity of the VPN server from the location.
  • CA App Synthetic Monitor traceroute: From the first ping test, you can note down the country or city name with the IP address which shows the lowest time (ms) in the result. Consequently, traceroute the VPN server from the location and it will confirm the distance from the location.
  • ping.pe: This pings the VPN server to 24 different worldwide locations, including the traceroutes for each location (MTR).

Note: These tests are expected to have outlier results as caused by different variables with the network. So it’s mandatory to run multiple tests with all three tools to eliminate outlier results. If not, then at least two of three tools suggest the server be located differently.

Fake servers in different VPN providers

These VPN providers’ servers were found to be fake in the test conducted by our research team. Previously a research conduct by restoreprivacy to identify the fake servers that identified VPN providers, such as ExpressVPN, PureVPN, and IvacyVPN virtually locating their servers and were deemed as fake.

Though ExpressVPN has updated the virtual server location information after the report was published by restoreprivacy. PureVPN has also updated the locations since the report, with adding a “V” label beside the country server, but it still their servers without “V” label was found to be fake.

ExpressVPN

ExpressVPN advertises 148+ VPN servers in 94 countries. It includes many notable countries for servers like Bangladesh, Brunei, Indonesia, Laos, Nepal, and Pakistan. These locations are not usually found on major VPNs so they seemed worthy of being tested.

The official details of ExpressVPN server location, 30 servers are listed as virtual locations. Even so, before the provider listed these 30 servers, according to restoreprivacy, 11 fake VPN server locations were discovered in ExpressVPN which includes;

  1. Pakistan
  2. Indonesia
  3. Bangladesh
  4. Nepal
  5. Macau
  6. Bhutan
  7. Myanmar
  8. Sri Lanka
  9. Philippines
  10. Laos
  11. Brunei

ExpressVPN’s Bangladesh server

The server URL was obtained through manual configuration files listed on the member area. This requires membership of ExpressVPN account, so to test the servers yourself; you need to have an ExpressVPN account.

Server URL: Bangladesh-ca-version-2.expressnetw.com

expressvpn-ping-bangladesh

CA Ping test: Ping tests from the tool show that from 90 locations, Singapore has the lowest ping times. This is strange since the Bangladesh server should have lower ping times near India. The first test partially concludes that the server isn’t located actually in Bangladesh.

CA traceroute: Tracerouting from Singapore to the VPN server location that is “Bangladesh”, the same IP address from CA ping test shows that the server isn’t located in Bangladesh. It is actually located in Singapore, with the minimum ping from same IP address.

Ping.pe test: This test once again confirms that the lowest ping is from Singapore. It concludes that the server is spoofed to a different location and it isn’t located in Bangladesh, but in Singapore.

NordVPN

The VPN provider is hosting over 600+ servers in 180+ locations worldwide, NordVPN is one of the oldest VPNs available out there, which prompted us to test their servers too. Surprisingly, our testings of their some servers find any virtual servers that were falsely labeled as an actual or physical server.

The servers we tested were:

  • India
  • Taiwan
  • Turkey
  • Indonesia
  • Ukraine
  • Macedonia
  • Malaysia
  • Thailand
  • Cyprus
  • Serbia

After testing these servers above, we were sure that NordVPN hasn’t faked its physical servers and rest assured, they are indeed genuine as advertised.

PureVPN

PureVPN has 750+ servers located in 140+ countries, which makes it one of the largest availability of the servers as advertised by them. However, in our research, we found 1 fake server location even after the report published by restoreprivacy. According to them, 5 fake servers were found without “vl” in the address. These were;

  • Azerbaijan
  • Bahrain
  • Yemen
  • Saudi Arabia
  • Aruba

Since the controversy, PureVPN has added a “V” beside the country column which denotes “virtual location”. In the server list, some of these still are forgotten to be labeled with a “V”, as any server which begins with “vl” is a virtual location. However, while testing, one server was found to be fake which was without “V” label and no “vl” in the server address.

There might be more fake server locations hosted by the PureVPN, nevertheless, this proof shows that PureVPN still hasn’t corrected the difference between actual and virtual VPN server location.

According to our research, one server was identified as fake without “V” label and no “vl” in server address.

PureVPN’s Malta server

The server URL was obtained through PureVPN server list. We have selected the OpenVPN-UDP address for the testing.

malta

URL: mt1-ovpn-udp.pointtoserver.com

Picture: Ping test 1 | Ping test 2 – Malta

CA Ping test: This test clearly shows that the lowest ping is received from the 90 locations in Germany – Frankfurt.

Picture: Traceroute Malta

CA Traceroute test: The traceroute test shows that the same IP address from Frankfurt to the Malta server location has the lowest ping. This confirms that the server is indeed located in Germany – Frankfurt.

Picture: ping.pe Malta

Ping.pe test: With the lowest ping being received in Germany, this test confirms that the server is located in Germany.

IvacyVPN

IvacyVPN offers 250+ servers in 100+ locations worldwide. It was found out that four of the servers of IvacyVPN were found using location spoofing of the real server. Even though virtual servers are denoted by “vl” at the beginning of server URL.

We have included two tests for the IvacyVPN’s server locations out of four so that it can provide the general view of the server location being spoofed to a different location. The other two were tested and they showed the fake server locations.

There might be more of the servers faked, but here are the fake server locations;

  • Pakistan (Los Angeles)
  • Saudi Arabia (Miami)
  • United Arab Emirates (UAE) (Amsterdam)
  • Venezuela (Miami)

IvacyVPN’s Pakistan server

The server URL was found on the IvacyVPN’s support page of a list of servers and their hostnames.

Picture: Pakistan

URL: pk1.dns2.use.com

Picture: Ping test 1 | Ping test 2 – Pakistan

CA Ping test: Pinging from 90 different worldwide locations, it shows that the lowest ping recorded was from United States – Los Angeles. In fact, if the server was actually located in Pakistan, the lowest ping recorded should’ve been from India.

Picture: traceroute Pakistan

CA traceroute test: Tracerouting from Los Angeles to the “Pakistan” server, it was found that the IP address is same as that found in CA Ping test and it shows the lowest ping. This settles that the server location is fake and it is being spoofed to a different location.

Picture: ping.pe Pakistan

Ping.pe test:  This test concludes that the server is undeniably located in the US Los Angeles, not in Pakistan. The lowest ping recorded is in Los Angeles.

IvacyVPN’s UAE server

Picture: UAE

URL: ae1.dns2use.com

Picture: ping test 1 | ping test 2 UAE

CA ping test: Lowest ping is from Amsterdam, Netherlands

Picture: traceroute UAE

CA traceroute test: The same IP of CA ping test shows the lowest ping, i.e. Amsterdam, Netherlands.

Picture: ping.pe UAE

Ping.pe test: Lowest ping from 24 different worldwide locations is from Amsterdam, Netherlands

Reasons for Fake VPN Server locations

A VPN provider using fake server locations may have many reasons, but it should be transparent about this. With this transparency, customers won’t have to test out these servers and gain trust from the provider itself, thus increasing the reputation of the provider.

One of the cases might be that the location or country does not have the infrastructure to set-up internet server for VPN. Other than that, the server’s quality may not be up to the provider’s standard like internet speed, power supply for server etc. This case is relevant to the developing countries.

Setting up virtual server also saves costs and budgets. Using one server for multiple servers in different locations is cost-friendly, as it reduces costs to set up multiple servers located in different countries. It also appeals to the customers of the various servers the VPN providers have.

Security concerns are a big issue for hosting servers in different and notable countries considering some countries have laws which curb the VPN’s power by accessing the data logs or completely banning them. Countries in the Middle East and Russia are the prime example of this, which aggressively restricts VPNs from operating.

Conclusion

With these findings, it is concluded that these VPNs have operated the fake servers without notifying the users of virtual location tactics. Though, ExpressVPN has fully offered the transparency regarding its list of virtual and physical servers after the controversy. PureVPN has also labeled its virtual servers however some of them are disguised as physical servers.

Ivacy still hasn’t identified its virtual and actual servers. Due to this dishonesty, a customer’s trust is broken and the reliability of the VPN ceases. If the VPN provider had offered transparency regarding the use of virtual servers, it wouldn’t be such an issue regarding VPN’s performance. The quantity of servers shouldn’t be preferred over the quality of servers since this makes a VPN market even more.

Leave a Comment