Hacker Breaches Chrome Extension of Popular VPN Service Hola, Directs Users To Compromised Cryptocurrency Website

Catalin Cimpanu, reporting for BleepingComputer: A hacker has breached a Hola VPN developer account and has replaced the official Chrome extension with one that redirected users of the MyEtherWallet.com website to a phishing page controlled by the attacker. The compromise took place yesterday and only lasted for five hours the MyEtherWallet (MEW) team said in a tweet. The Hola VPN team admitted to the hack. "The attack was programmed to inject a JavaScript tag in to the MEW site to 'phish' information about MEW accounts that are logging in without being in 'incognito mode', by re-directing the MEW users to the hacker's website," the Hola VPN team said.

why is a vpn in a chrome extension...

[Anonymous Coward]

Seems like a Chrome extension is the wrong place to put a VPN. Maybe that is just me.

Not Just Yesterday

[Anonymous Coward]

I was seeing redirects on my Chrome browser two weeks ago. Virus/Malware scans from various products didn't turn up anything. I removed the Hola extension and the redirects were gone.

Extension security a mess

[xack]

I repeat my proposal for an extension protection mechanism. The more popular an extension gets the bigger opportunity to profit of its compromise exists. It will take an "extension conficker" before security is taken seriously.

That's rare!

[Vintermann]

Cryptocurrency being stolen with old fashioned stuff like actual hacking and phishing, rather than by saying "we got hacked" and running away with your users' bits.

TIL: People still use Hola

[wardrich86]

Hola has been shat on for a number of issues over the years. Anybody still using it pretty much deserves to have this happen to them.

Very specific hack?

[nitehawk214]

So does this only affect people that use Hola and use MyEtherWallet?

I am APK the LORD of HOSTS

[Anonymous Coward]

I am APK the great "LORD of HOSTS", a.k.a. AlecStaar or Alexander Peter Kowalski.

I am the godlike creator of various GUI front-ends for other people's configuration files.

Calling people ne'er-do-wells or Jealous JOWIEs is how I think I win every argument

When people state the truth about me I get really mad and accuse them of projecting which is something I do all the time.

Don't call me out on anything unless you are willing to prove you too can write some strings to a file programmatically

Spamming

Re: Impersonating me AGAIN?... apk

[IMightB]

Hey apk. I've been on /. Since the late 90s and a question has always been on my mind since you started posting...

Are you the TimeCube guy?

Re:

[CaptainDork]

Chrome is binary.

Another?

[TechMaster321]

This has been happening far too often recently.