Trend Micro Finds Major Flaws in HolaVPN
A popular free VPN is found to have a very high cost for users.
A VPN is often touted as a basic piece of any mobile device security plan. But when the chosen VPN turns out to be not just ineffective but actively working against your security, the user is left both vulnerable and betrayed.
Researchers at Trend Micro have singled out HolaVPN, a free "community VPN," for using customer computers and devices as exit points for spam, phishing messages, and worse. The "worse" is especially important at businesses where employees have downloaded the HolaVPN software. In those cases, HolaVPN could provide a gateway into the enterprise network for malicious software of many varieties.
Community VPNs are those in which the users' computers and devices provide exit points for other users in exchange for low- or no-cost services.
Malicious file access was only part of the problem. The software for HolaVPN failed to provide encryption for users depending on the service to protect their data from theft.
Even without malware or data theft, HolaVPN users were subject to a variety of annoying and possibly misleading messages. In their research, the Trend Micro team found that 85% of the HolaVPN traffic they analyzed was concerned with mobile ads and other mobile-related domains and software.
Read more detailsĀ here.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024