Hola Browser Infected Windows Users Through Official Updates
A popular browser just delivered malware through its normal update system. Here's what happened and how to protect your family's computers.
Source
GetCyberRight Intelligence
Original headline: Hola Browser Supply Chain Cryptominer Attack
Plain-English summary by GetCyberRight. Read the full report at the source above.
What Just Happened
Hola Browser, a free VPN and browser service used by millions worldwide, delivered cryptocurrency mining malware to Windows users through its official update channel. This wasn't a traditional hack where criminals broke in. The attackers compromised Hola's software supply chain, meaning the malicious code came through the same trusted update system families rely on to keep their software secure.
The Details
Supply chain attacks are especially dangerous because they exploit trust. When your computer says "Hola Browser has an update available," you expect that update to improve the software. In this case, the update installed a cryptominer instead.
Cryptominers are programs that secretly use your computer's processing power to generate cryptocurrency for attackers. Your computer runs slower. Your electricity bill goes up. Your device gets hot and wears out faster. Meanwhile, criminals profit from stealing your computer's resources.
What makes this attack concerning is that it looked completely legitimate. The malware came through Hola's official update mechanism, signed with proper certificates. Your antivirus software likely saw nothing wrong because the update appeared authentic. This is why supply chain attacks are so effective and why they're becoming more common.
Who Is Affected
Anyone who uses Hola Browser on Windows computers should take immediate action. This includes families who installed Hola for its free VPN service or faster video streaming. Many parents installed Hola without realizing the security risks it already posed (the company has faced previous controversies about selling user bandwidth).
Even if you installed Hola months ago, you're potentially affected if automatic updates were enabled. The compromised update could have installed silently in the background while your family used the computer normally.
What You Should Do Right Now
Uninstall Hola Browser immediately from all Windows computers in your home. Go to Settings > Apps > Apps & Features, find Hola, and select Uninstall. Don't just close the program.
Stay one step ahead of scammers
Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.
Run a full system scan with Windows Defender or your antivirus software. Look specifically for cryptocurrency miners like XMRig or similar mining tools in the scan results.
Check your computer's performance. Open Task Manager (press Ctrl+Shift+Esc) and look at CPU usage when your computer should be idle. If it's constantly high (above 20-30%) with no programs open, you may still have mining software running.
Consider switching to trusted browsers like Firefox, Chrome, Edge, or Safari. If you need VPN services, research reputable paid options rather than free VPN browsers with questionable business models.
Change passwords for any accounts you accessed while Hola was installed. While the primary threat was the cryptominer, supply chain compromises can include additional malicious code.
The Bigger Picture
Supply chain attacks are increasing because they're incredibly effective. Criminals don't need to trick you into clicking a suspicious link. They compromise the software you already trust. We saw this with SolarWinds affecting major corporations and government agencies. Now we're seeing it affect consumer software like browsers.
The lesson isn't to stop updating software (updates remain critical for security). The lesson is to carefully evaluate what software you trust and to stay informed about compromises when they happen. Free software with unclear business models carries additional risk.
How GetCyberRight Can Help
Our Cyber Threat Radar tool tracks exactly these kinds of supply chain threats and software compromises in real time. Instead of discovering weeks later that software you trusted was compromised, you get timely alerts about threats affecting everyday tools your family actually uses. We translate technical security incidents into clear actions you can take to protect your household, without requiring a cybersecurity degree to understand what's happening.
Curated from trusted cybersecurity sources by GetCyberRight
Source: GetCyberRight IntelligenceStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles
Why Developer Attacks Now Threaten Your Family's Favorite Apps
A recent attack on developer tools means the apps your family relies on daily could be compromised. Here's what you need to know and do right now.
3 min readWhy Brave's New Paid Browser Challenges Everything About Free Privacy Tools
Brave's $20/year Origin browser strips out crypto and AI features. This challenges the myth that free privacy tools are always better for families.
4 min readThe Hidden Privacy Cost of iPhone Ad Blockers That Work Too Well
New ad blocking apps promise to remove ads from all your apps, but they do it by routing everything you do through their servers first.
4 min readHola VPN Turns Computers Into Secret Crypto Miners: What Families Need to Know
The popular free VPN browser Hola was compromised this week to secretly mine cryptocurrency on users' computers. Here's what happened and how to protect your family.
3 min read