Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Chiara Castro

Independent auditors confirm Mullvad VPN as secure

Mullvad VPN working on a laptop.

Independent auditors have confirmed that one of the best VPN apps on the market protects your data with "a high-security level."

Mullvad VPN put its security infrastructure under scrutiny for the fourth time between October 23 and November 28, 2024. Experts from X41 D-Sec performed penetration tests and source code audits across all VPN apps for 30 days, finding only non-critical issues.

The VPN provider stated that it has now addressed these flaws "to the extent possible."

Mullvad's 4th security audit

"Overall, the Mullvad VPN Applications appear to have a high-security level and are well positioned to protect from the threat model proposed in this report," concludes the audit.

As mentioned earlier, experts conducted a white box penetration test and source code audit to investigate if attackers could compromise users' real identity or monitor their activities.

"The use of safe coding and design patterns in combination with regular audits and penetration tests led to a very hardened environment," noted experts.

Auditors found a total of six vulnerabilities, though none of them were critical. Three smaller issues "without a direct security impact" were also identified. You can find all the technical details in the full report.

Commenting on the results, the provider said: "Mullvad is very happy with the quality of the audit performed by X41 D-Sec. X41 managed to find issues in our code that previous audits missed, which shows that there is great benefit in having audits performed by different companies."

This is, in fact, the fourth independent security audit Mullvad has undergone every two years since 2018.

Mullvad implemented fixes for four of the issues found during the audit. The team released a new app version on the affected platforms (desktop, Android, and Linux VPN) immediately after receiving the audit report.

Auditors also confirm the provider addressed all the issues "swiftly and the fixes were audited to be working properly."

The latest results corroborate Mullvad as one of the most secure VPN providers on the market right now. Besides bullet-proof security infrastructure, the service offers a strict no-log policy (which an inconclusive police raid proved in real life), a built-in tracker blocker, and strong encryption protocols.

In October, Mullvad even beefed up its defense against AI surveillance and censorship thanks to some advanced security features. These include extended support for VPN obfuscation technology for the WireGuard protocol and the innovative DAITA system which aims to mitigate AI-powered tracking by modifying the appearance of data packets sent over the VPN network.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.