Why You Should Never Use Or Trust Free VPN Services - HolaVPN Botnet Discovered - Hidden Router VPN
Why You Should Never Use or Trust Free VPN Services - HolaVPN Botnet Discovered 1
Linus Torvalds (creator of Linux) calls WireGuard VPN protocol (the one we use) “A work of art”
November 1, 2018
Why You Should Never Use or Trust Free VPN Services - HolaVPN Botnet Discovered 2
Hidden VPN owners unveiled: 99 VPN products run by just 23 companie
July 27, 2019
Show all

Why You Should Never Use or Trust Free VPN Services – HolaVPN Botnet Discovered

hola vpn botnet

Greetings, Hidden Router readers!

We have some not-so-good news, regarding one of the biggest Free VPN providers – HolaVPN.

Let us begin, by saying that our Hidden WiFi VPN Router and our Hidden WireGuard VPN Service provide you with the fastest available VPN speeds in the world, while helping you keep your entire household protected. All devices connected to our router have strong encryption, and still run a lot faster than any OpenVPN VPN provider.

Now lets get to the news on hand.

The widely used free VPN service HolaVPN exploits its users by selling their bandwidth to online criminals and fraudsters and “poses severe risks to the internet community, effectively making every device join a botnet.” security firm Trend Micro said in a report.

According to the report, which was posted yesterday (Dec. 18), when users install the free Hola client application, they’re also installing software from Luminati, a sister company of Hola that sells access to residential IP addresses.

Luminati’s clients appear to be primarily mobile advertisers, Trend Micro said, but they also include ad fraudsters, data scrapers and full-on cybercriminals, all of whom evade detection by hiding behind the IP addresses of unwitting Hola VPN clients.

“HolaVPN users’ bandwidths are being sold via Luminati and could end up being part of botnet activity facilitated by the network,” Trend Micro said in a blog posting introducing its report. “It could also enable cybercriminals to perform different illegal or unauthorized activities on users’ machines.”

If you’re currently using Hola’s free service, you might want to stop. Uninstalling the software may have to be done manually by deleting individual files, as Trend Micro said the uninstall tool provided with the Hola client software does not in fact do the job.

In a statement provided to Computer Business Review, Hola said that “the Trend Micro report is a sensational, irresponsible report, falsely suggesting that all VPN users want to hide their identity, and that the Luminati network is anything other than a fully legitimate transparency network. … Hola is a Free unblocker which is used for seeing any content from any location. It is not a privacy VPN and does not purport to be so.”

In 2015, Hola admitted that it sold the bandwidth of its free users to Luminati customers. However, the Trend Micro report is the first to look into who those customers are.

Hola advertises its free service as a “peer to peer” VPN service, implying that its users will be routed through each other’s IP addresses to evade detection. The company website claims that Hola is used by “over 175 million people around the world,” and the Android client app has been downloaded more than 10 million times.

We at Hidden Router don’t recommend any wholly free VPN because we can’t trust them. Using one defeats the purpose of having a VPN.

A VPN with no encryption

Trend Micro noted that the traffic Hola carries is not encrypted at all, and that the client software is in fact “an unencrypted web proxy service.”

“We found that traffic is mostly routed through roughly 1,000 super nodes in data centers,” the report stated. “The vast majority of the traffic that is routed through the residential HolaVPN exit nodes is not generated by other HolaVPN users.”

Rather, said Trend Micro, that traffic comes from Luminati customers, who pay the company for access to Hola customers’ home networks. Such access is very valuable to persons engaged in online advertising fraud, which often consists of generating fake impressions on ads to boost revenue.

“Usage of the residential proxy network of Luminati cannot easily be detected by website owners and advertisers — the exit nodes are not known publicly,” Trend Micro’s report said. “IP addresses that are assigned to home users are often dynamic and not static. This means it is very hard to detect and block Luminati exit nodes.”

Up to no good

Shady characters use those home IP addresses to get up to all sorts of dirty dealings, Trend Micro said.

“A substantial part of the Luminati traffic was related to the scraping of online content such as subscription-based scientific magazines, private contact details of physicians and attorneys, data on inmates, court documents in the U.S. and China, credit information, and even the Interpol’s most wanted list,” the report said.

“Airline reservation systems and websites that sell concert tickets were being accessed frequently via Luminati as well. Boarding passes, online check-in portals and Passenger Name Records (PNR) were accessed via Luminati in significant numbers.”

Such activities fall foul of various copyright and privacy laws, but they’re not dangerous in general. However, Trend Micro said full-on cybercriminals seemed to be using Luminati.

“Hackers have attempted to verify leaked webmail credentials via Luminati and have even tried to access the webmail of companies through the proxy network for an extended time period,” the report said.

A back door into your network

There was no detection of actual malware being transmitted across the Luminati network, but the report says that “a user’s machine, once installed with the free HolaVPN, will become one of Luminati’s exit nodes.”

“If the user’s machine happens to be part of a corporate network, it’s being an exit node may provide unknown third parties possible entry to company systems,” Trend Micro said. “HolaVPN could enable attackers to circumvent corporate firewalls and allow them to explore the internal network of a company for nefarious purposes.”

Needless to say, the same would apply to home networks, which would be less tempting targets than enterprise networks but which could still yield valuable personal information such as credit-card numbers and online account credentials.

So all and all – we strongly recommend everyone worried about their safety and worried about VPNs slowing their speeds down to switch the our Hidden WiFi VPN Router and our extremely fast and secure Hidden WireGuard VPN Service. We provide servers throughout the world, and our VPN Servers work with the majority of the most popular streaming sites.

Thank you,
Hidden Router Team

Source: TomsGuide