Despite its reputation for secure communications, recent findings reveal that Proton’s infrastructure harbours critical vulnerabilities, exposing 100 million users to potential cyber threats. These weaknesses bear striking similarities to those exploited in the SolarWinds attack, which led to over 18,000 breaches, including intrusions into U.S. government systems.
Vulnerabilities Identified:
Insecure Subdomain: At least one Proton subdomain remains unsecured, leaving it vulnerable to exploitation.
Weak DNS Records and Servers: Proton’s DNS records and name servers have been insecure for several years, increasing the risk of hijacking or interception attacks.
Potential Exploitation Risks: Attackers could leverage these vulnerabilities to gain initial unauthorized access, much as in the SolarWinds breach, which resulted in widespread espionage and cyberattacks.
Why This Matters:
Proton markets itself as providing “Secure Email by Default”, yet these exposed weaknesses contradict that claim. Despite 18 months of prior warnings, Proton has yet to remediate these security gaps, leaving its vast user base—including journalists, activists, and businesses—at risk of compromise.
Given the potential widespread impact, making this intelligence public is a necessary step to pressure Proton into immediate action. Proactive security measures must be implemented to protect users from cyber threats that exploit known weaknesses in unsecured infrastructure.
💡 CyberInsights recommends: Users relying on Proton for privacy and security should take additional precautions, including:
✔️ Enabling multi-factor authentication (MFA)
✔️ Using alternative encryption layers (e.g., PGP)
✔️ Monitoring for suspicious activity in Proton-linked accounts
Cyber threats evolve rapidly, and security promises are only as strong as the infrastructure supporting them. Proton must act now to uphold its reputation as a leader in secure communications.