Hola VPN Chrome Dev Account Breached to Set Up Phishing Page for MyEtherWallet.com
A Hola VPN developer was unaware that his account had been compromised by hackers to redirect users of the crypto wallet MyEtherWallet.com (MEW) to a phishing page.
Original Chrome Extension Compromised
Hackers successfully exploited the Chrome extension used by the developer of the Hola VPN applications to stealthily obtain MEW wallet users' access information, which is meant to be kept confidential by the account holders.
After discovering the compromise, Hola developers said that they had notified MEW as well as Google, the developer of the open source browser Chrome. Google has provided an extension plugin for users who like to use Chrome as their default browser over other proprietary browsers such as Explorer.
By the end of the day, the entire Chrome extension for Hola VPN was restored. There has been no official statement on the method of access the hackers used to intrude on the Hola VPN Chrome extension and the Chrome Web Store developer account.
Lately, there have been numerous attacks carried out via Chrome extensions, taking over developer accounts that hold irreplaceable data about the user base.
MEW, meanwhile, clarified that the number of users affected on its platform was limited. In a tweet, the wallet service said: “Urgent! If you have Hola chrome extension installed and used MEW within the last 24 hrs, please transfer your funds immediately to a brand new account!”
The open source browser's updates are executed in the background, and new versions are pushed out to users. The wallet has been a target for hackers several times this year. Last April, MEW users were affected when another key technology services provider, Amazon.com, was hijacked via BGP routes. In Amazon’s case, the DNS entries for MEW were hijacked and pointed to a phishing site. The total loss incurred in that attack was $160,000.
The fresh round of cyber robberies has been puzzling since there are no clear indicators about the group that was involved in pulling off this phishing stunt. No group has come forward to claim the hijack.
Crypto wallets appear to be vulnerable, as they are exploited by hackers at the developer account stage itself. Investigations did not provide information on the exact interval during which the malicious extension was live on the Chrome Web Store and the point at which the phishing site became active.
Although the company has shared no specifics in this regard, the most sensible thing for users who hold accounts on the Hola VPN extension is to hasten to transfer their accounts to MEW.