You do surprise me.exe: An unexpected executable in Hola Browser
Summary
Sophos X-Ops discovered an unexpected executable file within the Hola Browser following a certification test. This executable was found to be involved in crypto mining activities, suggesting a potential supply chain compromise.
IFF Assessment
FOE
The presence of an unexpected and potentially malicious executable file within a browser indicates a security risk and a potential compromise, which is bad news for defenders.
Defender Context
This finding highlights the importance of supply chain security and vigilant software integrity checks. Defenders should be aware of potential risks associated with third-party software components and actively monitor for unexpected binaries or behaviors in deployed applications.