Menu
Reply
Highlighted
  • 18.39K
  • 1.07K
  • 7.91K
Very Insightful Person
Very Insightful Person
536 Views
Message 1 of 2
Flag for a moderator

Hola - Get rid of it.

Disclaimer:  I am not a Virgin Media employee.  The opinions posted here are my own and should not be taken to represent the opinions of Virgin Media or it's affiliates.

Introduction

While investigating why a number of Virgin Media users were getting their IP addresses listed on the Composite Snowshoe Blocklist. (Hereafter CSS), a the name Hola came up a few times.

Hola announces themselves as a VPN provider with paid and free plans.  But Hola Free VPN is anything but a VPN.

  1. Hola's free offering is a peer to peer network that uses "the idle time of your device" to provide resources for other users and makes your PC a potential exit node for traffic.
  2. Hola's free offering is unencrypted - meaning that there is no security advantage, the only thing it can really provide is a proxy service to mask your PC
  3. Hola collects data on your usage and shares with third parties.
  4. Hola is used for malicious purposes in order to hide the true origin of spam traffic.

The fourth is a biggy as it means you are effectively joining a network of computers sending out spam.

While the experiences of other users did tell me this was happening I did install Hola on my PC to confirm this directly.

I'd come up with a means of identifying spam traffic using Wireshark

https://community.virginmedia.com/t5/Security-matters/Searching-for-Spambots-on-your-network/td-p/40...

So I set this up and after installing Hola - this is what I found:

holawireshark.PNG

This was just one of several connections taking place on port 25.

After completely removing Hola and checking again the traffic vanished.

While Hola's paid services apparently remove you from the peer to peer portion of the network, as far as I'm concerned Hola has no right in calling their free service a VPN and effectively turns it's users into unwitting spammers.

If you do use Hola - remove it.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Highlighted
  • 4.85K
  • 532
  • 1.76K
Very Insightful Person
Very Insightful Person
457 Views
Message 2 of 2
Flag for a moderator

Re: Hola - Get rid of it.

Whilst Hola's VPN service is of concern what is equally worrying here IMHO is had it not been for Virgin Media's unorthodox use of Spamhaus's CSS the spambot activities would have remained unnoticed; maybe time to harden the outgoing firewall rules where supported.

 

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

 Use Kudos to say thanks

 Mark as Helpful Answer if I've helped