A fake version of the Hola VPN was uploaded to the Google Play Store on July 9 which compromised MyEtherWallet (MEW) for those who downloaded it. MEW user activity and passwords were exposed to the hacker for users who downloaded the app within the five hours it was live as they were directed to a fake website.<\/p>\n
Hola VPN’s Google Chrome Store account was compromised, which allowed a hacker to upload a modified version of the Chrome extension. The fake extension was programmed to ‘phish’ information about MEW accounts by re-directing the MEW users to the hacker’s website.<\/p>\n
Hola said, in a blog post<\/a>: “Immediately upon learning about the incident, we set up a CyberSecurity response team to investigate the incident. We also took immediate emergency steps to immediately replace the extension, secure the developer’s account, and to monitor versions on a constant basis to ensure this does not recur.”<\/p>\n Urgent! If you have Hola chrome extension installed and used MEW within the last 24 hrs, please transfer your funds immediately to a brand new account!<\/p>\n — MyEtherWallet | MEW (@myetherwallet) July 10, 2018<\/a><\/p><\/blockquote>\n\n