The free VPN service Hola appears not to be used for DDoS attacks, malware also communicated over the network. In addition, the software is such a big security risk that users can better remove VPN service, say researchers at security company Vectra.
Last week Hola came into the news because it resold the bandwidth of users to other parties. Someone who knew the company did then the bandwidth to be used for a DDoS attack. Also, researchers discovered several vulnerabilities, making it possible to track users and to execute arbitrary code on computers. The CEO of Hola promised improvement and suggested that the vulnerabilities were corrected, although researchers contradict this.
Malware
The DDoS attack via the VPN service is no exception, because cyber criminals Hola appear to have been longer in sight.During investigation of the Hola protocol Vectra researchers discovered five malware instances that also use the protocol."Not surprisingly, this means that the bad guys already realized the potential of Hola before the power of public reports published by the good guys", so put them in this analysis .
The investigation revealed further problems upwards. In addition to behave like a botnet contains Hola according to researchers various opportunities that seem to have been a targeted by introducing a human-driven cyber attack on the network from which the computers of the Hola-user stand.
It also appears Hola additional software without knowledge or consent of the user to download and install. This is possible because Hola after installation installs its own certificate on the computer. This additional code can be installed and run without the user would not be informed. "These capabilities allow a skilled attacker to execute almost everything," said the researchers. They also advise users to remove the software.
The DDoS attack via the VPN service is no exception, because cyber criminals Hola appear to have been longer in sight.During investigation of the Hola protocol Vectra researchers discovered five malware instances that also use the protocol."Not surprisingly, this means that the bad guys already realized the potential of Hola before the power of public reports published by the good guys", so put them in this analysis .
The investigation revealed further problems upwards. In addition to behave like a botnet contains Hola according to researchers various opportunities that seem to have been a targeted by introducing a human-driven cyber attack on the network from which the computers of the Hola-user stand.
It also appears Hola additional software without knowledge or consent of the user to download and install. This is possible because Hola after installation installs its own certificate on the computer. This additional code can be installed and run without the user would not be informed. "These capabilities allow a skilled attacker to execute almost everything," said the researchers. They also advise users to remove the software.
Samples Hashes:
- 83fd35d895c08b08d96666d2e40468f56317ff1d7460834eb7f96a9773fadd2d
- 2f54630804eeed4162618b1aff55a114714eeb9d3b83f2dd2082508948169401
- 65687dacabd916a9811eeb139d2c2dada1cefa8c446d92f9a11c866be672280b
- 43498f20431132cd28371b80aed58d357367f7fa836004266f30674802a0c59c
- 59a9fedeb29552c93bb78fff72b1de95a3c7d1c4fc5ad1e22a3bbb8c8ddbfaba
No comments:
Post a Comment