Hola previously billed itself as a VPN to browse anonymously and access media unavailable in your region, such as Netflix or streaming live sports. In the past week, security researchers have accused Hola of being harmful to the Internet as a whole. As a VPN or “unblocker”, it may have allowed you access to different media but it was also increasing your vulnerability. The security researchers summarized the problem at adios-hola.org as Hola “operates like a poorly secured botnet”.
Hola has since clarified its service as a peer-to-peer service, meaning your Internet traffic can exit through somebody else’s connection and their traffic can exit your connection. Access to the Hola network is then sold to businesses through Hola’s sister company of “Hola for Business” as Luminati (Really?! You chose almost the classic, evil name of all conspiracies.). Companies supposedly use the VPN service to check the prices of their product, check how the site appears from different countries, or audit their site and ad integrity. Despite the legitimate claims for business, a spammer was able to use the service by posing as a business and their negative actions would have been tied to your IP address. Hola sells access to the network from $1.45 to $20 per GB. The security researchers also discussed with the company to find that they have no interest in how the network is being used.
The security researchers created for a self-test on adios-hola.org that indicated if you were vulnerable to being an exit node, being tracked, code execution, and root code execution. It initially worked but Hola has updated their code, which incidentally fixed the tracking issue but also broke the vulnerability checker.
Initial announcement:
Updated site:
The security researchers make their case for why you should immediately stop using and uninstall Hola:
1. They allow for you to be tracked across the internet, no matter what you do
2. They send traffic of strangers through your internet connection
3. They sell access to third parties, and don’t care what it’s used for
4. They let anybody execute programs on your computer
5. They’re trying to rewrite history
The Chrome extension for Hola has been unpublished from the Chrome Web Store. Unfortunately, people might still be “infected” with this software. You can follow the uninstall steps to ensure you remove Hola correctly and completely. Alternatives to use include the well-known Tor, for anonymity, or a legitimate VPN for geo-locked content, though we primarily recommend staying within compliance with the Terms of Use agreement.