Kela’s analysis shows that in other posts over the last year, users on cybercrime forums have recommended Big Mama or shared tips on which configurations to use. In April of this year, security firm Cisco Talos announced that it had seen traffic from Big Mama Proxy being used, along with other proxies, by attackers attempting to brute force into various corporate systems.
mixed message
Big Mama’s website provides few details about its ownership or leadership. The company’s terms of service state that the company, called BigMama SRL, is registered in Romania, but an earlier version of the website published in 2022 and at least one live page currently have a name in Wyoming. BigMama LLC’s legal address is listed in . The U.S.-based business was dissolved in April and is now listed as inactive, according to the Wyoming Secretary of State’s website.
A person using the name Alex A responded to an email from WIRED about how Big Mama operates. The email states that information about free users’ connections sold to third parties through the Big Mama Network is “replicated many times in the app marketplace and the application itself” and must be used by agreeing to terms of use. It is written that it is necessary. VPN. Big Mama VPN is officially only available from the Google Play Store.
“We do not advertise and have never promoted our services on the forums you mention,” the email said. They said they were unaware of Talos’ findings in April that its network was being used as part of a cyber attack. “We block spam, DDOS, SSH, local networks, and more. We log user activity to cooperate with law enforcement,” the email says.
Alex A asked WIRED to send details about ads on cybercrime forums, details about Talos’ findings, information about teens using Big Mama on Oculus devices, and for further questions. He said he would be “happy” to answer. But for additional details about our findings, security measures, whether we believe someone posted on the cybercrime forum impersonating Big Mama, the identity of Alex A., and questions about who runs the company, please read on. did not respond to emails.
Trend Micro’s Hilt said during its analysis it also discovered a security vulnerability within Big Mama VPN that, if exploited, could allow a proxy user to access someone’s local network. . The company reported the flaw to Big Mama, which said it fixed it within a week, details of which were confirmed by Alex A.
After all, Hilt says there’s always a potential risk for people who download and use free VPNs. “All free VPNs come with trade-offs in privacy and security concerns,” he says. This also applies to those who sideload into a VR headset. “When you download an application from the Internet rather than from an official store, there’s always an inherent risk that it might not be what you thought it was, and that’s true for Oculus devices as well.”
