Hola browser extension should be deleted, Security researchers

The reputation disaster for Hole (geo-unblocking application) has extended with a report from Vectra (Cybersecurity Company). Moreover to exposing a console within Hola that enables a hacker to “accomplish almost everything”, Vectra has found that Hola had already been compromised by “bad guys” before reports appeared against the Hola past week.

Almost 50 million people downloading the Hola browser application, it blasted in popularity 2 years ago by enabling the users to bypass geographical restriction to access services like Netflix. The CEO of Hola VPN has refused allegations that utilizing their service puts 50 million consumer in danger of being part of a botnet.

Last week, a website was launched named ‘Adios-hola.org’ by a group of nine researchers, they describes various vulnerabilities affecting Hola Android application, extension for Chrome and Firefox and Hola Unbloker Windows client.

As per an advisory statement, the vulnerability could enable, “a remote or local attacker to gain code execution and potentially escalate privileges on a user’s system.”

The researchers also cautioned that folks using Hola could be targeted to a man-in-the-middle hack, where their private browsing activities could be watched or an affected file could be transferred to their personal computer.

Users may not be conscious, for instance, the affected files could be sent through their system without their permission, triggering potential legal glitches, the experts contend.

Ofer Vilenski, Hola’s CEO, admitted in an article on Monday that his firm made mistakes however is trying to solve them by undertaking an external audit and internal security review. He wrote, “We have experienced the growing pains of our large network now and are implementing these lessons.”

Hole solved two bugs in its products a week ago, which could enable an attacker to install remote code on systems with Hola installed, as stated by the CEO. He also wrote, “In fact, we fixed both vulnerabilities within a few hours of them being published and pushed an update to all our community.”

Last week, an attacker misused Hole’s premium package, named Luminati, to send a DDoS attack against the 8chan (image board). Luminati is a premium service that uses the bandwidth of systems running the free Firefox or Chrome Hole extension.

A statement came from 8chan that, “an attacker used the Luminati network to send thousands of legitimate looking POST requests to 8chan’s post.php in 30 seconds,” which affected visitors to spike by 100 times.

On the other hand Vilenski stated that the hacker achieved to trick Hola into enabling him to become a Luminati user, who are compulsory to show proof of identity.

He wrote, “He passed through our filters and was able to take advantage of our network. We analyzed the incident and built the necessary measures in our processes to ensure that such incidents do not occur and deactivated his service.”

Study into Hola is now coming from additional sources. A PC security firm, Vectra, studied Hole and came to a verdict that Hola, “contains a variety of features that make it an ideal platform for executing targeted cyber-attacks.”

VirusTotal has been able to found 5 different Malwares in Hola, Vectra stated, “Unsurprisingly, this means that bad guys had realized the potential of Hola before the recent flurry of public reports by the good guys.”

Ali Raza Ali is a freelance journalist, having 5 years of experience in web journalism and marketing. He contributes to various online publications. With a Master degree, now he combines his passions for writing about internet security and technology for SecurityGladiators. When he is not working, he loves traveling and playing games.
Leave a Comment