Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
In other posts last year, cybercrime forum users recommended Big Mama or shared tips about configurations people should use, according to Kela’s analysis. In April this year, the security company Cisco Talos he said he had seen that traffic from Big Mama Proxy, among other proxies, was being used by attackers trying to break into various company systems.
Mixed Messages
Big Mama’s website has few details about its ownership or management. The company’s terms of service state that a business called BigMama SRL is registered in Romania, although its previous version is Website from 2022and now at least one live pageLists BigMama LLC’s legal address in Wyoming. The US-based business was dissolved in April and is now listed as inactive, according to the Wyoming Secretary of State’s website.
A person using the name Alex A responded to an email from WIRED about how Big Mama works. The email says that information about free users’ connections sold to third parties through the Big Mama Network is “repeated several times in the app marketplace and in the app itself,” and that people must accept the terms to use it. VPN. They say Big Mama VPN is officially available only on the Google Play Store.
“We do not advertise and have never advertised our services on the forums you mentioned,” the email said. They say they were unaware of the April findings that Talos’ network was being used as part of a cyberattack. “We block spam, DDOS, SSH, as well as local network, etc. We log user activity to cooperate with law enforcement,” the email said.
Alex A persona asked WIRED to send over ads on cybercrime forums, details about Talos finds, and information about teenagers using Big Mama on Oculus devices, and said they would be “happy” to answer any further questions. However, they did not provide further details on the research findings and questions about security measures, whether someone impersonated Big Mama to post on cybercrime forums, the identity of Alex A or who runs the company.
During the analysis, Trend Micro’s Hilt reports that the company also discovered a security vulnerability in Big Mama VPN that could have allowed a proxy user to access someone’s local network if exploited. The company said it reported the defect to Big Mama and approved a detail to Alex A that fixed it within a week.
Finally, Hilt says there are potential risks when anyone downloads and uses a free VPN. “All free VPNs come with privacy or security issues,” he says. This applies to people who sideload them into VR headsets. “If you’re downloading apps from the internet that aren’t from official stores, there’s always a risk that it’s not what you think it is. This is even true with Oculus devices.”
