Long story short, my daughter installed Hola VPN earlier this year to get around some blocks on her school network and in our home network. I removed it and started using OpenDNS as a stop gap to block access for proxy/economizers and some specific sites while looking for other security measures to install. OpenDNS is doing its job blocking the sites, but recently I got a warning on the OpenDNS dashboard "Malware/Botnet Activity Detected In Last 30 Days". Looking back over the logs I see on one particular day lots of requests (blocked) to resolve client.hola.org, perr.hola.org, and a lot of zagent###.hola.org (where ### are different numbers). Other days (but not every day) I see hola.org resolution being requested. I've got no idea where this is coming from because I cannot find Hola installed anywhere on the laptops or phones in our house. I tried Wireshark to do some DNS analysis but unfortunately my laptop (Windows) does not have the capability to do a proper promiscuous mode to get DNS requests from all the devices on the network.
I just took a look at their site and apparently they offer not only a desktop application, but also browser addons/extensions for most web browsers, so you might check the addons/extensions of any installed browsers. Also keep in mind that if your daughter uses Google Sync in Chrome, she could easily sign in to Chrome to get her preferred extensions installed automatically, then sign out to instantly remove them. Additionally, if she uses a portable build of any browser, such as any of those that are based on Chromium (such as SRWare Iron), she could keep it on a flash drive with the extension/addon for the VPN installed, enabling her to use it without having to install anything on the system itself.
In the meantime, you could try blocking access to the VPN's servers/login page through the Windows Firewall with Advanced Security or by blacklisting them through your router or modem if it allows it (some do, some don't, depending on the features of the firmware/software installed on the router/modem).
Beyond that, if you suspect the system might be infected or simply want a set of experienced and knowledgeable eyes to take a look and see if they might be able to determine the source of the connections for you, please follow the instructions in this topic then create a new topic in our malware removal area by clicking here and a malware removal specialist will guide you in checking and cleaning your system of any threats and hopefully hunting down and stopping the source of the VPN connections. You don't have to do so of course, and if you'd rather continue in this thread to see if anyone else has any ideas you are certainly welcome to do so.
Thank you Exile, I appreciate the suggestions. The browser add-on (Chrome) is what she installed at first and then later their phone app (Android). And I did in fact have to untangle it from Google sync (it kept reinstalling itself) too, which was a pain, but eventually I made sure it was removed from her profile. When I check her devices I look at the history to see if anything was installed and I jump into "Developer Mode" to do an update to see if it brings anything down from her synced profile. I'll keep in mind the flash drive. I haven't noticed her having one, but it doesn't hurt to keep an eye out.
Regarding the modem, I'll check into them. For the router, I'm using Eero and they claim that they are working on a blacklist function to deliver later this year, but I'm getting tired of waiting so I may end up dropping and getting something with better security features or adding Circle to the mix. OpenDNS is a stop gap but it's easy to get around it. My daughter has shown herself to be a lot more tech savvy than I expected!
By the way, take a look around the drive for any portable copies of Chrome as well; it doesn't have to be on a flash drive, it just has to be somewhere you haven't/aren't likely to look (though I'd start in the most obvious locations such as the Downloads folder and the user's Documents folder etc. because people can be lazy too, and she might be underestimating you).
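The check suggested in the replies above (installed extensions, plus browser copies kept in folders like Downloads or Documents) can be scripted. The following is an added example, not part of any poster's reply: it walks a directory tree and lists Chromium-style extensions whose name or homepage mentions "hola". The function names are hypothetical, and the `Extensions/<id>/<version>/manifest.json` layout and the keyword match are assumptions of this sketch.

```python
import json
import os
import re
import sys

KEYWORD = "hola"  # product name from the thread, matched case-insensitively

def load_json(path):
    """Return parsed JSON, or None if the file is missing or malformed."""
    try:
        with open(path, encoding="utf-8-sig") as fh:
            return json.load(fh)
    except (OSError, ValueError):
        return None

def display_name(ext_dir, manifest):
    """Resolve a localized "__MSG_key__" name via _locales/<default_locale>."""
    name = str(manifest.get("name", ""))
    placeholder = re.fullmatch(r"__MSG_(\w+)__", name)
    locale = str(manifest.get("default_locale", "en"))
    messages = load_json(os.path.join(ext_dir, "_locales", locale, "messages.json"))
    if not placeholder or not isinstance(messages, dict):
        return name
    for key, entry in messages.items():  # message keys are case-insensitive
        if key.lower() == placeholder.group(1).lower() and isinstance(entry, dict):
            return str(entry.get("message", name))
    return name

def find_extensions(root, keyword=KEYWORD):
    """Return sorted (extension_id, name, directory) tuples that mention keyword."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        parts = os.path.normpath(dirpath).split(os.sep)
        # Assumed layout: <profile>/Extensions/<id>/<version>/manifest.json
        if "manifest.json" not in filenames or len(parts) < 3 or parts[-3] != "Extensions":
            continue
        dirnames[:] = []  # do not descend into the extension's own files
        manifest = load_json(os.path.join(dirpath, "manifest.json"))
        if not isinstance(manifest, dict):
            continue
        name = display_name(dirpath, manifest)
        haystack = f"{name} {manifest.get('homepage_url', '')}".lower()
        if keyword.lower() in haystack:
            hits.append((parts[-2], name, dirpath))
    return sorted(hits)

if __name__ == "__main__":
    for ext_id, name, path in find_extensions(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{ext_id}  {name}  {path}")
```

Run it against a user profile folder or a whole drive; each hit shows the folder holding the extension, which also points at the browser copy that loaded it.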
The Seattle Foundation and Microsoft Employee Resource Groups (ERGs) have established a scholarship program to assist current high school seniors who self-identify as being of Hispanic/Latino descent and plan to continue their education in college or vocational school programs.
Selection of finalists is made by Scholarship America. Microsoft will select recipients. Not all applicants to the program will be selected as recipients. All applicants agree to accept the decision as final.
*Essay Topic: Please describe your future plans to either pursue a career and / or engage in the technology industry and explain how you are currently working towards achieving those goals. Also, if you have any notable achievements or experiences using technology during high school, please describe them too. Your response should be clear and concise and should demonstrate your passion for and commitment to the field of technology / STEM.
**Describe any significant and/or unusual family, personal, or financial challenges you have faced and how they impacted your academic and personal growth, including school achievement, work experience, or participation in activities. Provide specific examples to illustrate how you have persevered and overcome these challenges.
To apply for a HOLA scholarship, submit your application online through the Scholarship America portal. Applications will open on January 22nd, 2024 and the deadline for application submission is March 13th, 2024, 3:00 PM Central Time. The application questions will be obtained through the portal.