DBSA:2015-0003
Disclaimer: as technology changes, advisories may become out of date or may no longer be relevant, please refer to the "Date" section of the header to be sure the advisory is recent as pertains to your situation.
Contents
Digibase Security Advisory - Hola VPN Considered Malicious
Keywords: Hola, VPN, malicious, network, connectivity, botnet, malware
DBSA ID: 2015-0003
Regarding: Hola VPN Considered Malicious
Writeup: Kradorex Xeron (talk) 15:22, 31 May 2015 (EDT)
Date: 2015 05 31
Last Modified: 20150531142428 by Kradorex Xeron
Who should take note: Everyone (especially all Hola VPN users and prospective users)
Classification
Priority: HIGH
Rationale: Users need to act to protect their computer systems.
Severity: HIGH
Rationale: Users may be subject to illegal activities being conducted over their Internet connection.
Spread of Issue: MULTI-PLATFORM HIGH
Rationale: The service website is claiming "47 million" users, thus it is estimated that number are effected by this advisory.
Description
Hola is a VPN (Virtual Private Network) service that claims that it provides users the ability to connect and access geographically-locked services and further claims to enhance privacy. The service operates on a peer to peer (p2p) model by establishing a mesh network between users where other users may use a user's Internet connection to gain access into countries where content is accessible.
It has been identified that users of the free version are unable to opt-out of contributing their connections potentially to illegal activities without paying for the premium version. It has also been more critically identified that the software has multiple exploits and bad security implementations that may result in the network being used like a botnet where malicious parties can directly run software including malicious code on users' machines.
The vendor has attempted to subvert online scanners, but has failed to address the issues with the vulnerabilities.
Mitigation/Solution
It is strongly advised to immediately cease usage of Hola and to uninstall the Hola programs, any browser extensions or related components and to scan with anti-malware/anti-virus software after uninstallation and to monitor one's system for undesired operation. It may be optionally advisable to use software like Revo Uninstaller (http://www.revouninstaller.com/revo_uninstaller_free_download.html) to conduct the uninstallation to monitor for leftovers.
