Friday03 February 2023

VPN Service Hola Leaves you vulnerable to tracking and hacking...

Reading time is around minutes.

There is nothing worse than thinking you are protecting your internet travels when in reality you are participating in a giant botnet. That appears to be the case that is happening with VPN provider Hola. According to security researchers the use of the service still leaves you at risk of being tracked regardless of what you do and leaves you at even greater risk than just tracking.

Hola operates as a peer-to-peer VPN network which means that everyone participates in the entry and exit traffic. The upshot of this is that your internet connection could be used by someone to perform illegal actions. Now before you liken this to using the Tor network you should note that with Tor you have the option to run as an exit node, with Hola you do not.

There are many other issues with Hola that make its use a bad idea. One of them is that they sell unrestricted access to their network through another paid service. This access is not monitored so once again your internet connection could be used as a source for an attack or to perform other illegal activities. Other users of Hola can also execute code on your system through a couple of vulnerabilities that exist within the framework.

Now this type of vulnerability in peer to peer VPN services is nothing really new and the risk exists in using any public service of being tracked and exploited. What makes the issue with Hola bad is that they are claiming they have fixed all of these issues when they still exist in the client (with the exception of a move code execution exploit). They have also removed claims of anonymity from their site.

This type of behavior is really not acceptable in any company. It is one thing to have issues with your software. All code will have bugs and problems. When they are found, fix them. Do not try to cover them up or lie about them. If you are using Hola we strongly recommend uninstalling it and finding another service. Even if they do finally fix the current holes in their security they are not a company we can recommend simply because of the way they have acted when presented with problems.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.