Very popular HolaVPN poses a huge security risk

Very popular HolaVPN poses a huge security risk

Trend Micro warns users of the popular free virtual private network (VPN) provider HolaVPN that they should stop using the service. According to the security company, this contains a number of unacceptable security risks that put many millions of users at risk.

HolaVPN was founded in the course of 2007 and at the time was bitten as a community peer-to-peer VPN service. Users are exit points for other users. The exact number of them is not known, although the Android app has been downloaded more than ten million times. Estimates of the number of users range from 10 to 175 million.

Most dangerous VPN

Anyway, each of the users is at risk. According to Trend Micro researchers, the data sent via HolaVPN is not encrypted. That means it’s very easy to intercept them. The fact that HolaVPN earns money by selling access to its VPN network also means that users’ computers and smartphones may have been used in a botnet or for spam campaigns.

Users of HolaVPN are not only exposed to privacy and malware risks, but have also had to deal with a variety of irritating and potentially misleading messages from Luminati, the parent company of the service. Ray Wals, privacy expert at, tells the Silicon Angle site that Trend Micro’s decision to designate HolaVPN as malware is a step in the right direction for its users. The risks that HolaVPN poses to its users are serious, because HolaVPN is considered to be the most dangerous VPN in the world for good reason.

No privacy

Because the data is not encrypted, users have a false sense of security. Privacy does not exist within HolaVPN, which means that consumers do not receive any of the benefits that a VPN should offer. In addition, by opening up their computers to other HolaVPN users, users may be opening up their IP addresses to cybercriminals, hackers, and worse.

Finally, Walsh notes that according to its privacy policy, HolaVPN maintains and sells the data and browsing habits of users. In addition, the company sells its customers’ email addresses to advertisers. Hola turned out to have both DNS and WebRTC leaks to deal with.

This news article was automatically translated from Dutch to give a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.