The security firm analysed 100m anonymously scanned URLs to reveal that each computing device with the free HolaVPN version installed is actually an exit node monetised by the commercial service Luminati which is selling the bandwidth of the VPN's users to third parties by offering a residential proxy network.
Trend Micro's study showed that 85 per cent of the traffic in the dataset was directed to mobile advertisements and other mobile-related domains and programs. This indicates that cybercriminals could potentially use the service for large-scale click fraud schemes.
A link to those responsible for the KlikVip scareware was also discovered with traffic routed through Luminati.
Risks of using an unsafe VPN
While using a VPN can help secure your online activity, using the wrong VPN could put you as well as your systems at risk and this is especially true for HolaVPN users accessing the service from a corporate setting.
Trend Micro's findings revealed that a user's machine becomes one of Luminati's exit nodes once the free version of HolaVPN is installed. If that machine is part of a corporate network, it could provide unknown third parties with an easy way to breach company systems.
HolaVPN has the potential to enable attackers to circumvent corporate firewalls and utilise them to explore the internal network of a company for nefarious purposes.
In addition to this, the bandwidth of HolaVPN users is being sold via Luminati and their machines could end up becoming part of a botnet facilitated by the network. Cybercriminals could take advantage of this access to a user's system to perform various illegal or unauthorised activities on their machines.
Doing the proper research before installing and using a VPN is a step that can't be overlooked which is why we thoroughly test every VPN covered on our site.
- Considering installing a VPN? These are the best VPNs we've tested