News, Technology

Beware! Popular VPN plugin Hola is a botnet in disguise

Mohammad Farooq Written by Mohammad Farooq · 1 min read>

A popular Google Chrome extension Hola, which was used to access blocked content and overseas TV shows has been found to turn their own customers into “botnets”.

What are botnets?

Botnet is defined as “The term bot is short for robot. Criminals distribute malicious software (also known as malware) that can turn your computer into a bot (also known as a zombie). When this occurs, your computer can perform automated tasks over the Internet, without you knowing it.”

What was Hola actually doing?

Boasting over 46 million users globally with 7 million using it on the Google Chrome browser alone, these revelations will be shocking indeed. But the company behind Hola, has been responsible for criminal practices by selling the bandwidth of users to anyone willing to dole out money.

To get the dynamics, it is significant to comprehend how Hola operates. Its behavioural model is akin to a peer to peer VPN. For example, users in Pakistan who may want to fake their location to the UK end up being routed through a user in their location of choice. Until no one is accessing their premium services, anyone using their free service will act as an exit node similar to anonymous services like Tor.

Hola users stuck using the free version won’t be able to opt out of being an exit node. By being an exit node, it exacerbates the problem further. For example, any user connecting through you and indulges in something that isn’t legal or against your ISP’s terms of service, liability will fall on you. Hola doesn’t guarantee encryption of your internet traffic in any way.

Hola’s indulged in collecting and selling its users ‘exit routes’ internet bandwidth through a subsidiary named Luminati owned by them. Theoretically anyone would have been able to procure this bandwidth of Hola users, undermining users privacy and security in the process.

What now?

The obvious recommendation would be to stop using Hola and look for alternatives that guarantee user safety. One alternative is to use TunnelBear, which gives you 500 MB every month along with an extra 1 GB added for free from their twitter promo. TunnelBear offers its client for Windows, Mac OS X, iOS and Android with a plugin for Chrome.

Image Credits: The Verge

Written by Mohammad Farooq
Farooq is currently writing for Dawn and TechJuice. He is also volunteering for Digital Rights Pakistan. Profile