Further investigation revealed that MEW users were the main targets of the cyber-attack, which comprised of injected JavaScript using which hackers wanted to phish MEW wallets information by redirecting users to a fake MEW website. Later on, the company took down the fraudulent version and also resecured the Chrome Store account. After an initial investigation, we found that our Google Chrome Store account was compromised and that a hacker uploaded a modified version of the extension to the store.” “Yesterday our deployment team discovered that the Hola Chrome extension which was live for a few hours was not the one that our development team uploaded to the Chrome Store. Hola also released a report to share their side of the story, which read: The company notified its users who access MEW via the Hola extension to immediately transfer their crypto funds to a secure wallet in order to mitigate the threat of attack. We received a report that suggest Hola chrome extension was hacked for approximately 5 hrs and the attack was logging your activity on MEW.
“Urgent! If you have Hola chrome extension installed and used MEW within the last 24 hrs, please transfer your funds immediately to a brand new account!” The Tweet explained that since Hola was hacked for five hours so it was possible for hackers to monitor the activities of some of the MEW users via the extension. The information about the malicious attack on Hola VPN service was shared with MEW users through Twitter. See: Popular Chrome VPN extensions are leaking your DNS data Since MEW itself wasn’t compromised so the regular users of the service stayed unaffected by the breach. When the company noticed the issue with the VPN, it immediately informed its users to stop using Hola so as to prevent their crypto from getting stolen. The cause of this security breach is identified to be a commonly used VPN service with over 50 million users, Hola, which got compromised for five hours.