Stop Using Hola Unblocker Now! Here’s Why

By Kamal Nayan - 02 Jun '15 03:39AM

Hola is harmful to the Internet as a whole and to its users in particular, according to a group of researchers. The free VPN "unblocker" operates like a poorly secured botnet, which has serious consequences.

Hola, an Israeli startup is a peer-to-peer program that routes people's Internet traffic through other Hola users' computers.

Researchers who uncovered the vulnerabilities of using Hola, launched a website, "Adios Hola!" describing several flaws affecting the Hola Unblocker Windows client, the extension for Firefox and Chrome, and its Android application.

The flaws could allow "a remote or local attacker to gain code execution and potentially escalate privileges on a user's system," the advisory noted.

Researchers further added that using Hola can also subject users to a man-in-the-middle attack, where their browsing traffic could be observed or a remote file could be downloaded to their system.

Hola's CEO, Ofer Vilenski, admitted in a blog post Monday that his company made mistakes but is trying to fix them by undergoing an internal security review and an external audit.

"We have experienced the growing pains of our large network now and are implementing these lessons," he wrote.

However, the advisory noted that the statement doesn't quite address the issues - many of the issues are ignored, and some claims are simply false.

"The vulnerabilities are *still* there, they just broke our vulnerability checker and exploit demonstration. Not only that; there weren't two vulnerabilities, there were six," researchers noted.

Fun Stuff

The Next Read

Real Time Analytics