Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacker Breaches Chrome Extension of Popular VPN Service Hola, Directs Users To Compromised Cryptocurrency Website (bleepingcomputer.com)

Posted by msmash on from the security-woes dept.

Catalin Cimpanu, reporting for BleepingComputer: A hacker has breached a Hola VPN developer account and has replaced the official Chrome extension with one that redirected users of the MyEtherWallet.com website to a phishing page controlled by the attacker. The compromise took place yesterday and only lasted for five hours the MyEtherWallet (MEW) team said in a tweet. The Hola VPN team admitted to the hack. "The attack was programmed to inject a JavaScript tag in to the MEW site to 'phish' information about MEW accounts that are logging in without being in 'incognito mode', by re-directing the MEW users to the hacker's website," the Hola VPN team said.

23 comments

  1. why is a vpn in a chrome extension... by Anonymous Coward · · Score: 2, Insightful

    Seems like a Chrome extension is the wrong place to put a VPN. Maybe that is just me.

    1. Re: why is a vpn in a chrome extension... by Anonymous Coward · · Score: 0

      It would make sense if you are on a machine locked down so that you can't alter network configuration

  2. Not Just Yesterday by Anonymous Coward · · Score: 2, Informative

    I was seeing redirects on my Chrome browser two weeks ago. Virus/Malware scans from various products didn't turn up anything. I removed the Hola extension and the redirects were gone.

  3. Extension security a mess by xack · · Score: 1

    I repeat my proposal for an extension protection mechanism. The more popular an extension gets the bigger opportunity to profit of its compromise exists. It will take an "extension conficker" before security is taken seriously.

  4. That's rare! by Vintermann · · Score: 2

    Cryptocurrency being stolen with old fashioned stuff like actual hacking and phishing, rather than by saying "we got hacked" and running away with your users' bits.

    --
    xkcd is not in the sudoers file. This incident will be reported.
  5. Only Five Hours? by Anonymous Coward · · Score: 0

    If the hacked extension was only up for five hours, then there is no way that both Hola VPN users could have been affected.

  6. TIL: People still use Hola by wardrich86 · · Score: 2

    Hola has been shat on for a number of issues over the years. Anybody still using it pretty much deserves to have this happen to them.

  7. Waiting for the JS haters by Anonymous Coward · · Score: 0

    I'll just eat some popcorn while I watch morons blame this on javascript instead of realizing that the issue is with people/logic/greed and that any language would result in the exact same outcome.

    LET THE CIRCUS OF STUPID BEGIN

    1. Re:Waiting for the JS haters by Anonymous Coward · · Score: 0

      SHITCOCK!

    2. Re:Waiting for the JS haters by Anonymous Coward · · Score: 0

      "the issue is with people/logic/greed"

      While it is all well and good to place the blame here, it is also important to understand that this underlying driver is something that cannot be fixed. Human nature is inherently and desperately wicked. You cannot fix people. So, you have to go after what comes next, and that is tools that are inherently insecure against human wickedness. While no creation of Man can be totally invulnerable to it, let's face it, JS doesn't try very hard.

  8. Very specific hack? by nitehawk214 · · Score: 1

    So does this only affect people that use Hola and use MyEtherWallet?

    --
    I'm a good cook. I'm a fantastic eater. - Steven Brust
    1. Re:Very specific hack? by Anonymous Coward · · Score: 0

      yes

  9. I am APK the LORD of HOSTS by Anonymous Coward · · Score: 1

    I am APK the great "LORD of HOSTS", a.k.a. AlecStaar or Alexander Peter Kowalski.

    I am the godlike creator of various GUI front-ends for other people's configuration files.

    Calling people ne'er-do-wells or Jealous JOWIEs is how I think I win every argument

    When people state the truth about me I get really mad and accuse them of projecting which is something I do all the time.

    Don't call me out on anything unless you are willing to prove you too can write some strings to a file programmatically

    Spamming and being a general pain in the ass is what I do

    Listen as I relive my glory days of being a college athlete in the early 80s

    Bask in my greatness as I can do a ping as a non root user.

    Watch as I whine about my work being flagged as malware by anti-virus software.

    Witness my descent into madness

    APK

  10. proof Chrome is gay by Anonymous Coward · · Score: 0

    gheyed

    1. Re:proof Chrome is gay by CaptainDork · · Score: 1

      Chrome is binary.

      --
      It little behooves the best of us to comment on the rest of us.
  11. NEWSFLASH: apk 2 lrn2engrish by Anonymous Coward · · Score: 0

    prease 2b lrnink2engrish.

  12. Re: Impersonating me AGAIN?... apk by IMightB · · Score: 1

    Hey apk. I've been on /. Since the late 90s and a question has always been on my mind since you started posting...

    Are you the TimeCube guy?

  13. There's no "actual hacking" in computer security by Anonymous Coward · · Score: 0

    It's all s'kiddies and posing. Lots of it. msmash and bleepingcomputer are themselves good examples.

  14. Re:There's no "actual hacking" in computer securit by Anonymous Coward · · Score: 0

    I hacked my balls with my armpit hairs.

  15. Re:There's no "actual hacking" in computer securit by Anonymous Coward · · Score: 0

    so youre saying you have stinky balls?

  16. Re: Impersonating me AGAIN?... apk by Anonymous Coward · · Score: 0

    In all seriousness, it seems like hosts is relevant here to avoid being redirected to the compromised website. Wouldn't you agree?

  17. Another? by TechMaster321 · · Score: 1

    This has been happening far too often recently.