Skip to content ↓ | Skip to navigation ↓

An anonymous message board was the alleged target of several denial of service (DoS) attacks launched by the free VPN service Hola earlier this week.

Israeli-based Hola is one of the most popular free virtual private network (VPN) providers today. It boasts seven million users of its Chrome extension alone.

However, according to Frederick Brennan, operator of the 8chan message board, a design flaw that allows subscribers to use the VPN freely makes Hola a viable launchpad for DoS attacks.

“When a user installs Hola, he becomes a VPN endpoint, and other users of the Hola network may exit through his internet connection and take on his IP,” Brennan explains in a statement posted on 8chan. “This is what makes it free: Hola does not pay for the bandwidth that its VPN uses at all”

Hola stands in contrast to other VPN services, many of which use their own servers spread around the world to channel users’ Internet connections, and the anonymizing service Tor, which unlike Hola requires that users opt in to be exit nodes in the expectation that they will be channeling unwanted web traffic.

Brennan goes on to explain that the owners of Hola, having realized “that they basically have a 9 million IP strong botnet on their hands,” have begun to sell access to the botnet at, Hola’s Luminati brand.

holaApparently, one of these alleged customers used Hola to launch a DoS attack against 8chan.

“An attacker used the Luminati network to send thousands of legitimate-looking POST requests to 8chan’s post.php in 30 seconds, representing a 100x spike over peak traffic and crashing PHP-FPM,” reports Brennan.

Hola founder Ofer Vilenski has confirmed that the VPN sells its users’ bandwidth commercially and that Hola was used to attack 8chan.

Vilenski has also stated that his company will release the name of the member who used Hola against 8chan in the event that the latter is able to obtain a court order for release of information regarding this week’s attack.

10 Ways Tripwire Outperforms Other Cybersecurity Solutions
  • Attackers can use any of vpn service as want. I think this acts comes from their rivals.There is not any difference between free and paid vpns. But you should take some time and read their terms of service & privacy policy. Some of they said obviously shared your informations with third parties. ZPN is free for 10GB of usage and doesnt keep any logs and have no third party information share. One of the best free vpn so far if the keeping your privacy matter for anyone.

  • Sorenson

    That is why I never use a free VPN. People don’t understand it and take a huge risk without even knowing what they are doing. Hola is the biggest example of it. I use cheap VPN instead that earns from the money I pay instead of earning from my resources. I use Ivacy VPN that is only $1.83 per month.

<!-- -->