Popular Hola VPN plugin compromised

    The popular VPN plugin for Chrome and Android called Hola, which is used by more than 50 million people around the world, has been compromised . The attack targets users of MyEtherWallet, one of the largest hot online wallets for ether holders. The attack lasted about five hours and during this time Hola collected information about the wallets of MEW users with the aim of the subsequent theft of cryptocurrency.

    In the only recommendation received from the wallet administration, it is advised to open a new MEW wallet and transfer your funds there if you are a Hola user and have performed actions in MyEtherWallet in the last 24 hours.

    This is the second attack on MyEtherWallet users in the past four months. This spring, hackers managed to crack the DNS server that MyEtherWallet used, which allowed users to be redirected to a phishing site with a St. Petersburg IP address. Then at least 215 ETH was stolen. It is believed that the same people are behind both of these attacks.

    It is worth noting that the Hola VPN plugin was previously compromised back in 2015. Then Hola users were involved in conducting massive DDoS attacks.

    The main reason Hola is attractive to cybercriminals is the popularity of the plugin coupled with the use of peer-to-peer peer-to-peer architecture to establish a connection. Extremely careless development also plays a role, which has led to a number of vulnerabilities and loopholes for attackers. In addition, the Hola administration was seen to be extremely negligent in the case of providing paid access to the network. In 2015, the developers stated that they “eliminated the vulnerability within a few hours after the report,” however, the group of researchers, who pointed out the problem, strongly disagreed with this :

    They say they fixed the vulnerability in a few hours, but we know that is a lie. The developers simply broke our verification method, and they themselves reported that the vulnerability was fixed. In addition, there were not two holes, as they say, but six .

    In the conflict of 2015, it was not just the theft of personal data through the plugin. Then the developers were accused of criminal negligence, selling access to the network to dubious persons, and even providing the ability to execute the code on the side of the user without his knowledge.

    Unlike Tor users, who are most often aware of what they are doing and what access they provide, the out of the box plug-in has gained popularity among ordinary users who may not even fully understand how this “magic button” works in Chrome - for only the final effect is important in the form of accessibility of blocked resources and conditional anonymity.

    Also popular now: