CyberGhost Review

Last update: 02.12.2019

Overview

CyberGhost is a case of “almost great,” with shortcomings keeping this VPN from reaching the very top. We hope they’ll up their game so we can rate them higher in our next CyberGhost review!

You were halfway to clicking that torrent magnet link button, but then you glanced through the window, and the realization struck you: it looks an awful lot like that Blade Runner movie. Doubt gnawing at your mortal soul, you felt the finger slip and then there was a nervous tap-tap-tap on the table. “I should probably get a VPN,” you heard your mind say just as the voice next door went: “Do you long for having your heart – interlinked.”

As you’re scrolling through “Top 10 VPNs” lists, your eye latches onto that cute CyberGhost logo (somewhere around #3 or #5). Has your all-too-human mind betrayed you once again? Is this VPN, in fact, absolutely atrocious? That’s what we’re here to find out, and we’ll do it point-by-point. Read on for the full CyberGhost review.

CyberGhost 7 has some very solid features, making it comparable to industry leaders ExpressVPN, NordVPN, or TorGuard. However, the comparison only works on the surface. For example, in terms of security, CyberGhost also offer AES-256-CBC encryption, claim they have a no-logging policy, and also claim their service is not susceptible to DNS or IPv6 leaks. Unfortunately, CyberGhost’s “no-logging” policy doesn’t really hold up and not that long ago the VPN did have some leaking issues, not only with the notorious WebRTC bug but also with DNS queries. CyberGhost 7 offers an effective kill switch, but, sadly, you can’t toggle it.

Finally, they’re registered in Romania, which is not a 14-eyes country and has no data retention laws, but the company is owned by a somewhat shady UK-based international company by the name of Kape Technologies (formerly Crossrider).

Some of its other security features also fall behind NordVPN or ExpressVPN– there’s no SSTP protocol, no multihop (double VPN) function, no TCP 443 port.

CyberGhost will let you do most of the things we love Nord and Express for – use torrents,(sometimes) watch Netflix, (barely) bypass the Great Firewall of China. It seems you’ll do it all just a little bit worse though.

While amounting to a solid 3,500+, CyberGhost servers are less numerous than those of Nord and cover less of the globe than Express. In particular, the VPN has a limited presence in East Asia and Africa. This means that users in these regions might get worse performance than they expect. Admittedly, for many this will not be a problem, particularly if they’re based somewhere in Europe or the US. The good news is that CyberGhost is rapidly expanding its server fleet, growing it a whopping 150% in 2018. If this trend continues at such a pace, the service might overtake all but the largest VPN server counts in the industry this year.

CyberGhost has custom apps for all major platforms – Windows, Mac, Android, iOS. They’re all simple, intuitive, and user-friendly. There’s support for routers, but no custom CyberGhost router app.

7 simultaneous connections is a good number – that’s 1 more than NordVPN and more than double what ExpressVPN offers. Let’s be honest though – how many people use VPN on 7 devices at a time? (hint: it’s 7. Get it?)

The advantages of CyberGhost 7 over the best of the best are small, but some of the drawbacks are potentially as massive as that one jungle we heard about in the ‘90s. Also, speaking of tropical rainforests – their website may as well be one. The site makes it difficult to find in-depth information about the features. “Kafka-esque” may be overstating it, but only slightly. They do have a live chat function, but is it really available 24/7? Or is it activated when an X number of wolves howl in the moonlight? I guess we’ll find out when they hire a UI/UX professional.

The VPN has a lot of stuff going for it – a tracking-block feature, malware protection, split tunneling, a positively user-friendly client, and a 7-day CyberGhost free trial. But don’t get too excited. It’s just not the best.

So, has the Ghost led you astray? Read this CyberGhost review to find out.

Is CyberGhost safe to use?

We’re not here to judge, but security should really be the primary concern for VPN users. After all, what good is Netflix if you can’t get any pizza (‘cause you’re in jail)? If that sounds melodramatic – rejoice, lucky one. Many around the World don’t share your privilege.

The question of whether CyberGhost is a secure VPN can be answered in a few ways. As a matter of fact, you can do a lot better or worse when it comes to security, as our CyberGhost review will show.

Technical aspects

CyberGhost offers the same encryption standard as most top VPNs – the data channel is protected using AES-256-CBC with SHA256 hash authentication; the control channel goes through an AES-256 cipher with an RSA-4096 certificate and SHA384 hash authentication. No, we’re not just trying to sound smart.

The point is, CyberGhost’s encryption is beyond unassailable, and no crowbar will help brute force it. The number of 256-bit key combinations is only a few orders of magnitude lower than the total number of fundamental particles in the observable universe. Allegedly.

DNS/IP leaking concerns.

While researching for this CyberGhost review, we found that the tool’s issues lie elsewhere. As recently as a few months ago, the VPN had some leaking concerns to address. Users should take notice of several types of leaks when discussing VPNs. The most important of these are currently DNS leaks and WebRTC leaks.

To say nothing about their causes, DNS leaks happen when your browser uses your local DNS server to translate domain names into IP addresses. When this occurs, your computer essentially tells your ISP what sites you’re browsing. At that point, you might as well throw all that encryption out the window because all it does is it slows your connection down.

WebRTC leaks refer to a bug in the browser’s real-time communication functionality, which can leak the user’s real IP address even when connected to a VPN service. This was an issue even for some of the strongest VPNs, CyberGhost being one of them.

Late last year, comparitech.com published an article detailing results from their extensive leak tests on some of the top names in the VPN market. The results should have been very concerning for CyberGhost users: comparitech.com discovered persistent vanilla DNS and WebRTC leaks with the CyberGhost Windows client.

Allow us to translate: a persistent vanilla leak refers to a leak that occurs during regular VPN session. In other words, it’s not like something must go wrong for CyberGhost 7 to leak your DNS or IP address (the latter over WebRTC).

Since then, these issues seem to have been solved (at least we couldn’t find any when writing our CyberGhost review), but it’s still quite shocking to find that a consensus Top VPN can be this vulnerable. It’s certainly a big blow to their reputation – after all, online privacy is an industry of trust. Many will think twice next time they hear CyberGhost boast about some super-safe measure they’re implementing.

Privacy concerns

As our research for this CyberGhost review shows, past technical issues are, unfortunately, not the end of this VPN’s problems with security and privacy. We must also discuss factors beyond the service. The company is registered in VPN-friendly Romania, and that’s great. This is a country that has shown a commendable attitude towards online privacy and is not part of the 5-eyes, 9-eyes, or 14-eyes country groups. Sounds good so far, but it’s not all rosy: in 2017, CyberGhost VPN was purchased by a UK company called Crossrider (recently rebranded to Kape Technologies). Immediately, alarm bells went ringing all over the online privacy community, because Crossrider has been caught doing shady things in the past (like creating software that borders on straight-up malware).

Again, VPN is an industry of trust, and Kape Technologies is the definition of untrustworthy – one of the principal people behind the company is actually a convicted felon whom the Panama Papers have linked to 16 offshore accounts!

Furthermore, the CyberGhost VPN no logs claim is not as bulletproof as users may hope. The program is collecting data about successful connections and connection attempts and sending it to a third party – MixPanel. Although the data is anonymous, we still have a problem with VPNs using third parties for such things. Learning to trust one company with sensitive data is hard enough, but CyberGhost VPN is spread out over several services, making their reputation worth a lot less.

There’s also a bunch of third-party exposure to be had on the CyberGhost VPN website. Their site analytics trackers include not only Google Analytics, but also MixPanel, Sift Science, and Visual Website Optimizer. For communication with its clients, CyberGhost VPN uses Zendesk and Zopim. And there’s a Facebook pixel on the site for good measure. This seems a bit much for a company that claims they’re a ferocious guardian of privacy.

If there’s one thing we hope you get from this CyberGhost Review, it’s this – there are better tools to trust with your security and privacy.

Speed and performance

Ah, speed and performance – an area where any VPN can be simultaneously good and bad if review sites are to be trusted. It’s no wonder, really, because it takes a rigorous process to get consistent speed testing results. There are too many variables to account for. As such, it’s very important to try for yourself and get an idea of the speed in your location!

Either way, we ran some tests from Europe for our CyberGhost review. Our original speeds for download and upload settled around 280 Mbps. CyberGhost has this nice feature of showing each server’s load, so for the sake of this test we’ve always chosen the least loaded one, as the VPN would also give you the best possible result according to the selected location.

UK, London

89 Mbps download and 133 Mbps upload might look like a big fall from the original speed. But as our tests have shown, sometimes it’s more accurate to start counting from the first result with a VPN than from the original speed. There were cases when downloading in the US was as fast as in the UK, meaning that in certain cases distance starts to effect bandwidth only after thousands of kilometers.

US, New York

As we move across the Atlantic, the latency rises, but so does the downloading speed – now it’s 102 Mbps. The effect mentioned above doesn’t always work with the upload – here it craters to 33 Mbps, though we all know that it’s the less important of two numbers.

US, Los Angeles

After crossing the US, we see that the latency reaches 171 ms, meaning the connection is no longer adequate for serious online gaming. But the download speed seems to be unaffected, while upload sobers up to 79 Mbps. This shows that CyberGhost has a really strong server network in the US.

Japan, Tokyo

After landing upon Japan, ping reaches 284 ms, which doesn’t suit even not serious online gaming. But most importantly, download speed stays around 70 Mbps, which is good even as a percentage from our original speed of 280 Mbps. The upload usually craters in the Far East, but it’s still good enough for video calling or streaming via Twitch.

Australia, Sydney

The ping is over 300 ms, meaning you will have issues during a simple VOIP call, but the downloading speed of 49 Mbps compensates it very well.

Overall, we conclude that CyberGhost offers good speeds across the globe, but we are aware that results may vary using a different connection.

How to get it

As is usual with most pieces of software, you can get the GyberGhost app from their website. Once you’re on it, just click the Get CyberGhost VPN button. You’ll be asked to choose one of several (very reasonable) pricing plans, enter an email address, and pay using one of their several payment options. Then you can go ahead and download the app.

How to install it

We went through the process for our CyberGhost review, and it couldn’t be any easier. Well, it could, but then you wouldn’t get to choose the installation directory.

Just run the installer, click Next when it asks you to, and you’ll be good to go. The only unusual thing you’ll be asked to do is save or print a “PUK code.” You will need it if you lose your CyberGhost login information. The extra layer of account security is nice to see on a VPN – save that PUK and keep it close to your heart!

How to use CyberGhost

You’re an official “Ghostie” now – congrats.

Prior to the 7.0 version, we used to be firmly entrenched in the CyberGhost’s interface-hater camp (more of an unassailable bastion of biting snark, really). As of the seventh iteration of the CyberGhost app, however, we’ve been forced to eat our words by the paragraph.

For our CyberGhost review, we used the Windows version of the VPN. And we must say the interface is almost everything we could ask for (and did, in our prior CyberGhost reviews). Almost.

The first thing you’ll see after login is the refreshingly compact home screen, featuring a quartet of interactive elements:

• The self-explanatory Power button
• The Settings button for quick access to some of CyberGhost’s options
• The Favorite server drop-down menu (set to Best location by default)
• The Arrow button, which changes the Compact view into the Expanded view, where you’ll find your server lists and the Advanced features (more on that later)

Let‘s take a look at the Expanded view first, where most users will likely end up after turning on the client for the first time. This is where you’ll see the server location list, featuring Favorites, All servers, servers For downloading, and servers For streaming.

When you click the All servers option, you’ll see a list of countries, which can be further expanded to see all the different servers located in that particular patch of land. You can sort these by their distance from your location, by their load percentage, or by their name, and tag them as your Favorites. Nice and easy.

However, if you’re the sort who likes their servers labeled by recommended purpose, which you probably are, the For downloading and For streaming sections are those you’ll likely be using the most. As their names suggest, this is where you’ll find servers specifically optimized for torrenting and watching geo-blocked content.

Trying to save the time and effort required to whack-a-mole different servers in order to find the one able to unblock a particular streaming platform, CyberGhost conveniently tags their servers for an at-a-glance selection. Just head to the For streaming section, select the server optimized for Netflix, Hulu, BBC iPlayer, or one of the many other streaming services, and watch away (if you’re lucky: see the CyberGhost for Netflix section of our review).

The For downloading section gives you a list of servers geared towards P2P file sharing. If you’re into torrenting, this will be your go-to tab.

On to the Advanced Features section, where you’ll find the Connection features, Smart rules, and Exceptions tabs.

Formerly known as Extra Features, CyberGhost’s Connection Features are similar to NordVPN’s CyberSec tool – the app offers to block malicious websites, ads, and online tracking. The Automated HTTPS redirect function is pretty cool – it makes your browser prefer HTTPS over HTTP whenever possible. Data compression will help you deal with bandwidth limitations by compressing the data being transferred.

The Smart rules section features several useful tabs. The aptly named Startup rules tab allows you to toggle automatic connections at startup. The Wi-Fi Protection tab lets you customize CyberGhost’s behavior regarding different wifi networks. For example, you might set the VPN to automatically secure your traffic when you join a public wifi network, or to ignore any network that is already encrypted.

On the Exceptions tab, you can create a list of Hosts or IPs that will be accessed using your regular connection, rather than a VPN connection. This is a powerful take on the split tunneling function and we salute CyberGhost for it. The ability to add exceptions can be useful for various reasons:

• Some online resources may require your real location to function properly. Google Maps may be a good example of this.
• Many workplaces will require you to access LAN resources – this function will let you keep your anonymity online while doing this.
• VPNs can be taxing on your connection speed. You might want to increase performance by keeping those needier resources outside the VPN tunnel.

The Connection tab gives you some of the most important choices. First of all, you can choose which security protocol to use – OpenVPN, L2TP, or IKEv2. If you leave it on “Auto,” the app will try to connect using IKEv2 and switch to OpenVPN if that doesn’t work. This is a good set up – both protocols are very secure and will do the job just fine. There are a few points to be made here though:

• We’ll assume L2TP means L2TP/IPsec. If not, this would be an uncharacteristic oversight, because L2TP, by itself, is not secure at all.
• There’s no PPTP – good. More VPNs should follow CyberGhost on this and protect their users from this insecure protocol.
• There’s no SSTP – bad. SSTP is secure and can be useful in some situations. Definitely not a deal-breaker though.

If you’re using OpenVPN, you can choose whether to prefer TCP over UDP, and whether to use a random port to connect. UDP is faster but less stable, TCP is slower but more stable. It’s good to have this choice because while some will have stable connections, others won’t.

Using random ports should stop your internet provider from slowing down or blocking connections. This is a tool for countries where access to VPN is restricted. Looking at you there, China.

You can force CyberGhost to use their DNS servers instead of your ISP’s DNS servers, and there’s an anti-IPv6 leak feature as well. Both of these are great to have.

… And that’s pretty much it! Notice anything missing? Where’s the kill switch? As it turns out, it’s on by default and cannot be deactivated. Not sure how we feel about that one, but it’s worth a mention.

Apps and Extensions

CyberGhost is well-covered and has apps for Android, Windows, Mac, iOS, and Amazon Fire TV & Fire Stick. In addition, it provides full support for Linux, routers, NAS and Chromebooks. The Windows client we’ve touched upon already – easy to use, simple to master. What about the others?

The CyberGhost Mac app is currently almost identical to the Windows version. Except for the fact that you cannot choose your security protocol on the Mac version (with OpenVPN probably being the default), and some of the security features are lacking, which is quite unfortunate.

CyberGhost Android (if you want to download the apk, you’ll have to find it outside their site) and CyberGhost iOS also look good. The company seems to be very proud of their “unified experience across all devices” approach and the GUI seems a perfect fit both for computers and mobile devices. Users are less likely to engage in super sensitive activities on their phone, and as such security/privacy is of less concern. Our experience when testing the clients for this CyberGhost review leaves us inclined to recommend the mobile versions to anyone who fits the profile.

CyberGhost for Netflix

TL;DR: Our tests have shown Cyberghost Netflix capabilities to be a mixed bag – the speeds are okay if you have a fast internet connection, but geo-unblocking may be inconsistent.

Netflix US works (kind of: more on that below), and users can take advantage of the specialized For streaming servers to make sure the settings are optimal.

More in-depth CyberGhost Netflix tests, however, reveal some holes in the game. For one thing,  the Optimized for Netflix US server returned the infamous “You seem to be using a proxy” error on the first day of testing CyberGhost for this review. The next day, however, it recovered and seemed to work fine. Furthermore, the speeds are comparatively average – whilst connected to CyberGhost US streaming servers, the highest speeds we managed to record were still around half of what we were able to reach using ExpressVPN and NordVPN.

For reference, our base download speed on the Netflix-owned fast.com speed test website was 240 Mbps, meaning CyberGhost managed to drain two-thirds of our regular speed.

For some users that will not be an issue – Netflix recommends 25 Mbps for Ultra HD and 5 Mbps for HD. Although our tests for this CyberGhost review show that we would be able to stream in both, note that your internet speed should at least triple these minimum requirements.

There are CyberGhost servers optimized for many other popular streaming platforms, such as BBC iPlayer, HBO, Hulu, Amazon Prime, etc. While we haven’t tried all of them, we were able to watch BBC iPlayer with when connected to the specialized streaming server. However, keeping in mind the inconsistency of the Netflix US server, that may be subject to change at any time. All things considered, you should use the CyberGhost free trial to test the streaming service you want to watch before investing.

CyberGhost for Torrenting

If it weren’t for P2P, most of us would still live in caves, drawing wildebeest hunts, making crude instruments out of stone. What Napster began, torrents shall continue!

The CyberGhost torrenting capabilities are decent: the tool offers enough security for P2P users, has a good distribution of servers, and doesn’t block or throttle P2P traffic. As we saw from our research for this CyberGhost review, this tool doesn’t allow torrent traffic on all servers. With that said, this is an accepted and reasonable practice for avoiding the attention of copyright enforcers. Perhaps the only real issue is one we’ve been repeating – speed. No one wants to just sit there, staring at disappointing numbers and ogling the Disconnect button.

In short, with CyberGhost torrenting works well, but not if your regular connection is slow!

Is it good for users in China?

VPN users in China have two primary concerns – the ability to bypass government censorship and doing so securely.

Disclaimer: we can’t test how well the VPN does in China, so this section of our CyberGhost review is based on experience and various reports. CyberGhost seems to be far from the worst solution. The service has some tools against the expansive blocking capabilities VPNs struggle within China. They provide the option of using TCP and CyberGhost DNS servers. You can also force the VPN to connect using a random port, and thus make it more difficult for the Great Firewall of China to restrict or block the service. These factors lower the risks involved in buying a long-term subscription.

However, CyberGhost VPN is also one of those providers who have no good answer for Deep Packet Inspection (DPI). China uses DPI to block encrypted OpenVPN traffic, leading some services to offer a modified version of the OpenVPN protocol, which scrambles the traffic and foils attempts to recognize it. Others have simply told their users to try L2TP instead of OpenVPN. This seems like a short-term solution for DPI-aided blocking, but there’s potentially a bigger issue with it – L2TP (L2TP/IPSec) is not that secure a protocol.

To make a long story short, use CyberGhost VPN in China only if you’re not doing anything politically sensitive. You should probably use something else to browse all those hilarious Chairman Meow memes. Otherwise, your life may undergo its own little cultural revolution.

Two more things might make Chinese users think twice before subscribing – they don’t have very many servers in the Far East, and they don’t have a .onion site. This means CyberGhost VPN connection speeds may be sub-par and it may be difficult to download the VPN (the regular site is blocked in China).

Support

Fortunately, CyberGhost is pretty good in terms of customer support, especially if you compare it to the lower tier of VPN services on the market. Compared against higher-tier VPNs CyberGhost support is almost as good but lacking a bit in the self-help section.

CyberGhost offers Guides, a Troubleshooter, and an FAQ, but their website is neither very informative nor intuitive. You’ll notice that this is a recurring theme – the app also suffers from those same issues. To be fair, this may just be a subjective point.

What is not subjective is the 24/7 live chat function – one more thing rooting it as a Top 10 VPN service. We tried asking some questions for this CyberGhost review and found the agents helpful, knowledgeable, and quick to reply. We’ve encountered reports of support reps telling customers to wait for an email, but this is normal with problems that require complex solutions.

Pricing

We‘re at CyberGhost‘s final bastion of defense. Flags with percentage signs, coupons, and limited offers obscure the view. The loudspeakers keep repeating: “Yeah, we’re not the very best, but we’ll be damned if you can afford better!”

There are 4 different pricing plans you can choose from: 1 month ($12.99/month), 1 year ($5.25/month), 2 years ($3.69/month), and 3 years ($2.5/month).

All options offer the same features, including a 45-day money-back guarantee (14-days for a 1-month subscription). Until very recently, CyberGhost was super-cheap. However, lately, they followed in the footsteps of NordVPN, reducing the subscription lengths and increasing the prices.

There’s also a CyberGhost VPN lifetime subscription deal (which currently seems to be inactive). Other reviewers have pointed out that this pricing model is often a red flag that the product is a scam. They illustrate this with one common-sense observation – it’s not your lifetime the subscription is for, it’s the company’s. In this case, the lifetime subscription seems like a strange business decision at worst.

The 45-day money-back guarantee apparently works very well – we had no problems with it during trials for this CyberGhost review – but there’s also a 7-day CyberGhost free trial. It has a lot of the features available to paying customers and will give you a good sense of what you’re getting into. This is a strong advantage over many premium services.

CyberGhost has a list of payment methods that covers all the main bases – credit card, PayPal, BitCoin, as well as some other location-specific options.

Bottom Line of our CyberGhost review

For one of the most popular VPNs in the market, CyberGhost VPN is, for lack of a better expression, a tool that is “good, but…“:

• It will get you into streaming platforms, but with less success than the top 3 tools in the industry
• It can work in China, but we cannot wholeheartedly recommend it to those most in need of a good VPN in the country
• It’s secure on paper, but it’s been marred by leaks in the past and privacy concerns in the present

CyberGhost VPN has a good set of features for novices – the sleek and user-friendly interface makes everything rather straightforward, eliminating the need to spend more time than necessary when trying to find the right server for your needs. It’s good for streaming and torrents and is currently one of the cheaper tools at the top end of the market.

In short, there certainly is a time and place for this tool. Hopefully, our CyberGhost review will answer whether it works for you.