MULLVAD EXIT IPS REVEAL USER FINGERPRINTS

A technical analysis reveals that Mullvad's exit IP pool exhibits patterns that enable user identification despite the VPN's focus on privacy. The finding suggests that exit IPs alone can serve as reliable fingerprints for tracking sessions and correlating user behavior across time. The discovery challenges assumptions about VPN anonymity. While Mullvad rotates exit IPs, the limited pool size and predictable patterns create identification opportunities for determined observers. Researchers documented how exit IP selection can be correlated with user behavior and timing metadata. Mullvad has built its reputation on transparency and privacy-first practices, including storing minimal logs and supporting alternative payment methods. However, this research indicates that even privacy-focused VPN operators face fundamental challenges in protecting user identity through IP rotation alone. The findings have sparked discussion in the security community about the limitations of current VPN architectures and the need for additional anonymization layers beyond IP masking. Mullvad has not yet publicly responded to the analysis.