The Hola VPN Browser Plugin Shares Your Internet Connection with Botnets
The popular Hola VPN extension is funded by reselling the bandwidth of the people on the network, allowing malicious users to stage attacks from your home IP address.
Further, it contains / contained serious security vulnerabilities that can compromise the systems of Hola users.
Security firm Vectra writes (source TorrentFreak):
“First, the Hola software can download and install any additional software without the user’s knowledge. This is because in addition to being signed with a valid code-signing certificate, once Hola has been installed, the software installs its own code-signing certificate on the user’s system.”
If the implications of that aren’t entirely clear, Vectra assists on that front too. On Windows machines, the certificate is added to the Trusted Publishers Certificate Store which allows *any code* to be installed and run with no notification given to the user. That is frightening.
Furthermore, Vectra found that Hola contains a built-in console (“zconsole”) that is not only constantly active but also has powerful functions including the ability to kill running processes, download a file and run it whilst bypassing anti-virus software, plus read and write content to any IP address or device.[see update]
“These capabilities enable a competent attacker to accomplish almost anything. This shifts the discussion away from a leaky and unscrupulous anonymity network, and instead forces us to acknowledge the possibility that an attacker could easily use Hola as a platform to launch a targeted attack within any network containing the Hola software,” Vectra says.
Finally, Vectra says that while analyzing the protocol used by Hola, its researchers found five different malware samples on VirusTotal that contain the Hola protocol. Worryingly, they existed before the recent bad press.”
Hola has a bad security reputation and sells your bandwidth to the highest bidder.
And if you sign up with a social media account, they harvest everything that is public as well:
So to sum up Hola VPN: Botnets, Selling Your Bandwidth, Security Vulnerabilities, Data Harvesting for “Analytics.”