Unusual occurrences arise when data runs low for TunnelBear
Unusual occurrences arise when data runs low for TunnelBear
Previously today I was using TunnelBear and received a warning about near data exhaustion. I thought I had turned it off, but then I realized I was still using it. While streaming on YouTube, the video froze and Facebook crashed. The connection remained stable, so I assumed the network was down again. After waiting about an hour, nothing changed. I tried accessing my router settings via its IP address, but it didn’t respond. Further investigation revealed TunnelBear was active and depleted. I switched it off. Later, a popup asked me to connect to an unknown server, which confused me. I searched for the site but found no results. Then I visited lazerpenguin.com, which appeared to be a basic Apache web server on Ubuntu. I attempted to reach the full address and encountered an error indicating it was a proxy that didn’t accept non-proxy requests. A WHOIS lookup showed the domain used a masking service and was registered through Amazon Web Services. It seems TunnelBear relies on some unconventional, partially set-up Apache servers hosted on AWS for its proxy functionality. Although lazerpenguin sounds unusual for a proxy service, it appears to be tied to those backend systems.
Approximately 99% confident, searching lazerpenguin alongside a random YouTube user leads to the TunnelBear operations page. It doesn’t currently list the name, though if it appears in top Google results I suspect it might have surfaced earlier.
It seems the antivirus identified it as a proxy backend and requested trust. I found it confusing at first.
It seems some people think it’s questionable they’re relying on Amazon, since it likely tracks user activity. This raises concerns about potential security issues.