Hola Browser for Windows compromised to deliver cryptominer
ID: a022caac-159f-5f5d-8c65-328ad4a707d3
STIX ID: report--a022caac-159f-5f5d-8c65-328ad4a707d3
Feed Name: Bleeping Computer
Hola Browser for Windows was compromised in a supply-chain attack that delivered an undeclared Monero cryptocurrency miner (initially 'me.exe', later 'HolaMonitorService.exe') to some installations. The malicious binary was unsigned, obfuscated, added a Windows Defender exclusion, installed an auto-start service named 'hola_monitor_svc', and ran when the system was idle. Hola acknowledged the compromise, stated roughly 0.1% of users were affected, and said it has rebuilt its distribution pipeline, tightened code-signing and access controls, and found no evidence of data exfiltration.
