By: Seth Whaley, Director of Marketing, IMPACT Technology Group
While you may think you have measures in place to prevent users in your workplace from opening your network up to internet attackers, these users may also be utilizing various pieces of software or services to circumvent your measures. One such example of this could be a user utilizing remote connection software to connect to a computer at home where they perform the tasks that you have blocked on your network or a user utilizing a Virtual Private Network, otherwise known as a VPN, to effectively anonymize their internet traffic. Many users utilize a VPN service in order to thwart country-restrictions on content served by Netflix, Hulu, and similar blocks which could prevent them from accessing the content. Recent news came out regarding a VPN service known as Hola. This service offers a free VPN to customers and offers them a simple way to bypass your network security measures using any device they have. Hola also offers access with a “premium” plan, which should make the user wonder… What exactly is the difference between these and why can the offer nearly identical services for two different prices?
It has been discovered that Hola actually uses the idle resources of all FREE users on their service. What this means is that Hola is using any bandwidth available that is not being utilized, effectively crippling your connection. Not only is this an issue in regards to your ability to effectively utilize the internet service that you are paying for, Hola is offering your internet bandwidth up to anyone who is willing to pay. Following an unproven report that Hola was being utilized as a botnet, security researchers discovered that the applications contained multiple vulnerabilities which could allow remote attackers to execute code on a user’s machine. Various other cybersecurity firms and technology experts have also weighed in on this software, with one notable cybersecurity firm stating that “in addition to behaving like a botnet, Hola contains a variety of capabilities that almost appear to be designed to enable a targeted, human-driven cyber-attack on the network in which a Hola user’s machine resides.”
This is disconcerting to say the least, but the bad news doesn’t end there. When this software is installed, it installs its own code-signing certificate, adding it to the Trusted Publishers Certificate Store on Windows machines. This allows ANY code to be installed and run without notification given to the user. This software contains a built-in console (used to perform code executions) that is constantly running and has the ability to perform various actions such as killing processes, downloading and running files… All while bypassing anti-virus software, and even allowing the ability to read/write content to any IP address or device on your network.
In summary, this software should never even be considered and hopefully this story will make you think twice about downloading applications just because they are “FREE.” Do not let this software deter you from the legitimacy of VPNs and how useful of a tool they can be when implemented properly.
Seth Whaley is the Director of Marketing at IMPACT Technology Group. With no previous marketing department or systems, Seth has been implementing these systems to get the IMPACT message out to the Delmarva Peninsula. He has called Delmarva home his entire life and is a recent graduate of Salisbury University with dual majors in Marketing and Information Systems.