TL;DR

A security analysis reveals Mullvad VPN’s exit IP assignment method makes users more identifiable than previously believed. The deterministic IP selection based on WireGuard keys allows linking user activity, raising privacy questions. Details are still emerging about the full implications.

Recent research indicates Mullvad VPN’s method for assigning exit IPs can be used to identify individual users, contradicting prior assumptions about its privacy protections. The analysis shows that Mullvad’s deterministic, seed-based IP assignment allows linking multiple connections to the same user, raising privacy concerns.

The investigation involved repeatedly changing WireGuard keys and collecting exit IPs across nine Mullvad servers. Despite the vast theoretical pool of over 8.2 trillion possible IP combinations, the analysis found that users were assigned only 284 IP combinations, revealing a pattern in the IP allocation process.

The study suggests Mullvad uses a seed-based pseudo-random number generator (RNG) in its IP selection, leading to neighboring IPs being assigned consistently across servers. This deterministic process makes it possible to estimate the probability that a set of IPs belongs to a particular user, with some estimates suggesting around 99% accuracy in linking IPs to individual accounts.
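The collapse from trillions of theoretical combinations to a few hundred observed ones can be reproduced with a toy model. This is an added example, not Mullvad's code or the researcher's. The pool sizes, the SHA-256 mapping and all function names are assumptions, since the page does not specify the actual mechanism.

```python
import hashlib
from fractions import Fraction
from math import prod

# Constructed pool sizes for nine hypothetical servers (not Mullvad's real figures).
POOL_SIZES = [31, 29, 23, 37, 19, 41, 27, 33, 25]

def key_hash(pubkey: bytes, salt: bytes = b"") -> int:
    """Deterministic 64-bit value derived from a key (assumed stand-in for the seed)."""
    return int.from_bytes(hashlib.sha256(salt + pubkey).digest()[:8], "big")

def shared_seed_combo(pubkey: bytes) -> tuple:
    """One value per key, scaled to each pool: same relative position everywhere."""
    h = key_hash(pubkey)
    return tuple((h * n) >> 64 for n in POOL_SIZES)

def per_server_combo(pubkey: bytes) -> tuple:
    """Contrast case: an independent value per server, via a per-server salt."""
    return tuple((key_hash(pubkey, bytes([i])) * n) >> 64
                 for i, n in enumerate(POOL_SIZES))

def distinct_combos(assign, trials: int) -> int:
    """Count distinct exit-IP index tuples seen over `trials` constructed keys."""
    return len({assign(i.to_bytes(32, "big")) for i in range(trials)})

def max_shared_combos() -> int:
    """Upper bound for the shared case: the tuple only changes where some
    pool's index steps, i.e. at the distinct fractions k/n inside (0, 1)."""
    cuts = {Fraction(k, n) for n in POOL_SIZES for k in range(1, n)}
    return len(cuts) + 1

if __name__ == "__main__":
    trials = 20_000
    print("theoretical combinations:", prod(POOL_SIZES))
    print("shared-seed bound:       ", max_shared_combos())
    print("shared-seed observed:    ", distinct_combos(shared_seed_combo, trials))
    print("per-server observed:     ", distinct_combos(per_server_combo, trials))
```

In this model the shared-seed count is bounded by roughly the sum of the pool sizes rather than their product, while the per-server variant yields an almost unique tuple for every key.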

Why It Matters

This development matters because it challenges the common belief that Mullvad VPN offers strong user privacy through multiple exit IPs. The seed-based IP assignment could enable network observers or adversaries to correlate user activity over time, reducing anonymity and privacy protections that users expect from a VPN service.

While Mullvad’s approach might be intended for load balancing or technical reasons, the ability to link IPs undermines the core privacy promise of VPNs, especially for users relying on Mullvad for anonymity or sensitive activities.

Background

Mullvad is known for providing multiple exit IPs per server, with a relatively small network of 578 servers compared to larger providers like Proton VPN. Its use of deterministic IP assignment based on WireGuard keys was previously not considered a privacy vulnerability.

The research builds on prior knowledge that Mullvad’s IPs are not re-randomized for each connection but are linked to user keys, which rotate every 1 to 30 days unless a third-party client is used. The study shows that the underlying IP selection process is more predictable than assumed.

“The shared seed-based RNG means that Mullvad’s exit IPs are not as anonymous as previously thought, enabling linkage of user activity.”

— Researcher conducting the analysis

“Using a seed-based RNG for IP assignment introduces a predictable pattern, which can be exploited to correlate user activity across sessions.”

— Security expert familiar with VPN privacy models

What Remains Unclear

It remains unclear whether Mullvad intentionally uses this seed-based approach or if it is a technical oversight. The full extent of how many users could be identified in practice, especially in real-world scenarios, is still being evaluated. Additionally, Mullvad has not yet responded publicly to these findings.

What’s Next

Further investigation is expected to determine whether Mullvad will modify its IP assignment method. Users and privacy advocates are likely to scrutinize Mullvad’s practices, and the company may need to clarify or change its infrastructure to restore user anonymity. Additional research might also explore whether other VPN providers use similar methods.

Key Questions

Can Mullvad users be identified based on their exit IPs?

Yes, the analysis suggests that the deterministic IP assignment allows linking multiple connections to the same user, reducing anonymity.

Does this mean Mullvad is insecure or unsafe to use?

This finding raises privacy concerns but does not necessarily mean the VPN is insecure. It indicates a potential vulnerability in user anonymity, which may be critical for privacy-sensitive users.

Will Mullvad change its IP assignment method?

It is not yet clear whether Mullvad will alter its approach. The company has not issued a public statement addressing these findings.

Are other VPN providers vulnerable to similar issues?

This specific analysis focused on Mullvad, but the use of seed-based RNGs in IP assignment could exist elsewhere. Further research is needed to assess other providers.
