您的 IP 地址: 未知 · 您当前的状态: 受保护未受保护的未知
博客 In Depth

Anyone can get your IP address from Slack, and it may not end well

Elle Friberg

Elle Friberg

Apr 03, 2018 · 4 min read

Anyone can get your IP address from Slack, and it may not end well

Using Slack? You should protect your IP address.

Even though the legend of the Nigerian Prince – one of the longest-running email scams where ‘a member of a royal family’ asks for help in transferring money out of Nigeria – is still alive, tactics of social engineering, phishing and hacking are constantly evolving. Sneaky cybercriminals find unexpected ways to attack Internet users and compromise their privacy. For example, one can get your IP address from Slack and use it for malicious purposes. Yes, you’ve read it right. If you took a look at the Slack admin panel, you would see that as workspace administrator, you can view team members’ access logs that contain their IP addresses.

So an admin can see access logs. But what if the admin is a cyber criminal?

Combined with social engineering, Slack can serve as a medium for a cyber bad guy to obtain one’s IP address, browser info, and login times. It may sound like a Mr. Robot-worth plot, but it can easily happen in real life. Follow this made-up scenario to get a better picture. Let’s say you are a journalist. One day an exciting offer pops into your inbox – a group of researchers invites you to collaborate on project X that may end up shaking up the industry. Since it’s the topic you’re passionate about (quantum physics), how can you refuse such opportunity? Of course, you can’t. You quickly run a background check for the guy that contacted you – let’s name him Tim. He has 4,762 followers on Twitter, and his background on LinkedIn seems alright. One email leads to another, and here you are sealing the deal and kickstarting the collaboration. Your new colleague Tim invites you to join the Workspace on Slack. ‘Everyone working on the project is here,’ says Tim. ‘It easier to discuss things this way,’ he adds. Well, nothing new here. With more than 6M daily users, Slack is a hub for work-related communications (and secret employee gossip). So you join the team. Oh, but little did you know that as the Workspace administrator on Slack, Tim can see valuable pieces of your personal information you wish he’d rather not. With just a few clicks in the admin panel, he can get your IP address, your Internet service provider, and your access logs with the exact times of when you connected to Slack and what operating system you were using.
Combined with social engineering, Slack can serve as a medium for a cyber bad guy to obtain one’s IP address, browser info, and login times.
But why would Tim be interested in data like this? Normally, he wouldn’t. Unless he’s a cyber criminal in disguise and this whole project X thing is a clever scheme to reveal your IP address and use it for malicious purposes. Basically, through a combination of social engineering and administrative Slack functionalities, a cyber criminal (or anyone else, to be exact) can get the IP address of any target. The victim will have no clue of being snooped on. So the whole scheme would look like this:
  1. Cyber criminal creates a workspace X on Slack.
  2. He/she lures a target into joining the workspace X.
  3. The victim’s connection activity is logged and accessible in the workspace X admin panel under Settings & Permissions > Access Logs.
  4. The cyber criminal can now see the victim’s IP address, Internet service provider, precise connection times, and the OS used.
How to see access logs in Slack

Why having your IP address exposed puts you at risk

Let’s get back to Tim. So he has your IP address. Now what? Your IP address serves as a unique identifier on the Internet. What’s more important – it can quite accurately indicate your location. So if you fight off monotony by frequently changing places you work from, or you’re doing some writing while traveling, the IP addresses Tim sees in the Access Log makes it relatively easy to track you. “And we know who you are, and we know where you live.” The lyrics of Nick Cave have never been more relatable. Hacking Unfortunately, exposing your geographical location is not the only thing IP addresses may be used for. By knowing your IP address and combining it with other data they might have collected about you, professional hackers can snoop on your online activity and even get access to your device and your personal information.

How to prevent a situation like this?

One of the easiest ways to protect your IP address from being exposed is using a virtual private network (VPN). When you connect to VPN, your Internet traffic is routed through a remote server anywhere in the world, encrypting the online data along the way. This way, your real IP address is replaced with that of the remote server and is invisible to snoopers such as Tim. When deciding on a VPN service provider, look for one that is easy-to-use yet offer advanced security features, as does NordVPN. Using Slack on mobile? Get a VPN app for your Android or iOS device and protect your IP address on the go. NordVPN app for Android While this whole Project X story is a fake scenario, again, there are no reasons why it couldn’t happen in reality. This is more of an eye-opening reminder that anyone of us might be vulnerable at times and situations we don’t even consider risky. And by the way, this blog post has nothing against Slack. Slack rocks.