Hola VPN, our favorite VPN service to hate, is at it again. In the evening of 9 July 2018, MyEtherWallet (MEW) announced that a Hola VPN hack has potentially jeopardized the crypto wallets of all who used Hola‘s Chrome extension over a period of 5 hours. MEW suggested that compromised users should immediately transfer their money to a different wallet (if they still could). It isn‘t yet clear how much money was lost due to this attack, but that‘s really beside the point…
Hola VPN hack proves service to be unreliable
Perhaps it’s a bit cynical to say “never trust someone who’s always happy,” but we think Hola VPN bears this idea out. It’s not the first time this free Israel-based VPN service is being portrayed in an unflattering way. The last time was arguably even worse, but we’ll let you be the judge.
In 2015 it came to light that Hola VPN had been selling off its users’ bandwidth to a sister company – Luminati. Virtual Private Networks are expensive to run, particularly in terms of infrastructure. Hola tries to solve the issue of costliness by having users’ PCs route traffic through them, using that bandwidth in the process. This would supposedly only happen when the computers are idle, plugged into a power source, not using mobile data, etc. So far so good, but what happens when your IP gets caught up in something illegal? Case in point: Luminati sells bandwidth for large-scale data transfers – Hola users’ bandwidth to be precise. Well, on at least one occasion that bandwidth was used as part of a botnet to carry out a DDoS attack on 8chan (8ch.net) – oops!
What’s Hola done now?
So now several years have passed and here we are, bashing Hola VPN once again. Even though this case doesn’t seem to be as malicious as the last, the consequences are still quite terrible.
MyEtherWallet is a popular cryptocurrency management service. It allows users to access wallets as well as make transactions. It is important to be quite clear here – MyEtherWallet was not hacked. What happened was hackers used currently-unclear means to hijack Hola VPN and log users’ activity on MyEtherWallet. This means they could have potentially hijacked login credentials needed to access your wallet and make crypto transactions.
You might be inclined to say this isn’t Hola VPN’s fault here, but in reality, if you get hacked, it’s at least somewhat your fault. The charge isn’t malice – it’s negligence. Which brings us to a more general point.
Free VPN services
What was the last good thing you got for free? Christmas doesn’t count!
Whenever you get a VPN that claims to be absolutely free, you can be sure someone is paying. Usually that someone is you, but the payment is made indirectly. Some services will track your activities and sell the logs to big data companies. Others, like Hola VPN, will do something else. In this case, the VPN is funded by selling your bandwidth off to another service.
There are many ways VPNs will work to remain free and you want no part of any of them. Whatever your goal is for getting a VPN, a paid one will do a better job and produce less of a risk for your privacy and security. Some of them are so cheap they’re almost free anyway! Here’s our list of top 10 ranking VPNs for those interested.
If you do insist on being a cheapskate – choose wisely. There certainly aren’t many services worth the time of day. Most of the good ones will limit how much data you can transfer or something else, but at least you’ll be secure. Have a look at our list of Best Free VPN Services!
Read our full Hola VPN Review.