Free virtual private network (VPN) service Hola, available as a popular Chrome extension, is well-known among users who frequently like to watch videos and TV shows from other countries that location blocked. Sadly, it has just been discovered that owners of the service have actually been selling users’ bandwidth as botnet, or bulk traffic that can be purchased and used in a denial-of-service attack on a website. Hola claims this has always been clear in their terms of service, but users say they have never been made aware of this bandwidth usage.
In order for Hola to be free to users, it doesn’t rely on its own bandwidth or servers like a normal VPN, but instead operates like a peer-to-peer network, rerouting users’ connections through each other in order to get around region blocks. Hola has been selling users’ idle bandwidth under the brand Luminati, and users who don’t want their bandwidth used this way must pay a $5 monthly fee, according to Hola’s FAQ page.
This was all discovered by the operator of 8chan, a controversial internet forum, a site that recently became a target of a DoS attack that used Hola’s network. The news has become a hot topic of discussion on Reddit, where users have voiced their outrage as well as concerns that their bandwidth was used for illegal purposes.
Ofer Vilenski, Hola’s founder, says that they have always been clear with users about how they can offer their service for free. Their FAQ does state how their business model works, but as TorrentFreak mentions, it seems that the page has only been recently updated to include information about Luminati and selling users’ bandwidth.