Sunday 31 May 2015

'Hola' if your VPN was busted selling your bandwidth for botnets

'Hola' if your VPN was busted selling your bandwidth for botnets

Known as a free and simple VPN solution that allows users to access blocked videos and services from overseas (such as Netflix), the peer-to-peer network Hola has amassed over 47 million users worldwide.

That number is bound to decrease significantly however, with the discovery that Hola has been selling its users’ idle bandwidth through a service called Luminati (which Hola owns), allowing it to be repurposed for nefarious reasons.

Unlike other VPN services, Hola doesn’t own servers around the world, instead opting to utilise its users’ IP addresses as ‘exit nodes’ for other people’s traffic.

Frederick Brennan, operator of the notorious 8chan message board, made the discovery after the site experienced multiple DoS attacks and temporary shutdown unknowingly caused by Hola users’ computers through Luminati’s services.

The Luminati is real, and it's everywhere

In a note posted to the 8chan community, Brennan put the blame for his site’s shutdown squarely on Hola, stating that the company “has gotten greedy,” further stating that “they recently realised that they basically have a 9 million IP strong botnet on their hands, and they began selling access to this botnet.”

Luminati boasts that it provides its clients the ability to “route data through any of our millions of IPs that are located in every city around the world,” though its connection with Hola VPN users had not been acknowledged until a short time ago.

TorrentFreak claims that Hola’s FAQ section had been amended only recently to include mention of Luminati, albeit in a sneakily-worded way: “Hola generates revenue by selling a commercial version of the Hola VPN service to businesses (through our Luminati brand),” and that “users who want to enjoy the Hola network without contributing their idle resources can do so by joining the Hola premium service for $5 per month (or $45 per year).”

Hola founder Ofer Vilenski doesn’t seem too fussed about Luminati’s involvement in the attack, stating that “8chan was hit with an attack from a hacker with the handle of BUI. This person then wrote about how he used the Luminati commercial VPN network to hack 8chan. He could have used any commercial VPN network, but chose to do so with ours.”








http://ift.tt/1KxakFx

No comments:

Post a Comment