Bright Data: Why TrendMicro’s Report Is Shockingly Wrong

In this blog, we provide some of the key examples of what TrendMicro researcher’s misread, to re-enforce to our customers and partners once again that Bright Data is the only business proxy network that carefully vets its customers and keeps logs to help law enforcement with any potential wrongdoing
Trend Micro false report
Or Lenchner - Bright Data CEO
Or Lenchner | CEO

TrendMicro’s 18-Dec-2018 report titled “Illuminating HolaVPN and the Danger It Poses” falsely suggests that the Bright Data network is used by cybercriminals because the authors misunderstood the traffic they were reading.

They misread ads being clicked through the Bright Data network as ad-fraud, when in fact the largest ad networks in the world are using Bright Data to ensure that ads are compliant.

They misread airline tickets being purchased through the network as some kind of privacy violation, rather than understanding that the vast majority of online travel companies use Bright Data to ensure lower costs for consumers.

We believe that TrendMicro’s marketing department leveraged a shallow, misleading report to create marketing buzz for Trend Micro at the expense of Bright Data and its customers. Ask yourself – if you wrote the report would you have sent it to Bright Data for comments in advance? TrendMicro instead sent it to reporters in advance so that they could enhance the ‘bang’ of the release, never asking for a comment from Bright Data.

In this blog, we provide some of the key examples of what the researcher misread. This is to re-enforce our customers and partners that Bright Data is the only business proxy network that carefully vets its customers and keeps logs to help law enforcement with any potential wrongdoing. We proudly serve many Fortune 500 companies and thousands of enterprises to make unstructured web data part of their business planning. Offering the most accurate data is our goal and we plan on doing so in the many years to come, leading the way in Internet transparency.

What is Bright Data’s traffic being used for? (Hint – not for ad fraud)

TrendMicro claims that “The detailed breakdown of Bright Data traffic shows that the vast majority of Bright Data’s traffic is likely related to fraud with mobile ads and traffic from mobile apps”.

When we read this, we were speechless. Huge ad networks are conducting their ad verification/compliance through the Bright Data network and all of them have been carefully vetted.

Clearly, the writer doesn’t understand the ad-tech ecosystem.

Conducting ad verification and compliance may look exactly like ad fraud since it requires clicking the ads (by the ad networks themselves) and testing which response consumers get in various regions. There’s no other way to do this. Why are they doing it through the Bright Data residential network and not through data-center based servers? This is because malicious advertisers recognize requests coming from servers, and serve up ‘safe’ ads to those requests, and may serve up malicious ads to ones coming from consumer IPs. The only way to get accurate information is to mimic a real user. The difference between a bad actor and a good actor in the ad verification business cannot be identified by the traffic, but instead by the ad networks’ intent – whether they are trying to verify an ads’ compliance, or trying to gain revenue by clicking ads. If they are engaging in the latter, then they are engaged in criminal activity and Bright Data would not be the wisest choice. Bright Data makes it clear to our customers that we keep logs, and will help law authorities persecute any bad actors if they are found on our network. Bad actors recognize this and typically choose a network that advertises that they do not keep logs.

TrendMicro most likely advertises with our customers, which have been checked for compliance through the Bright Data network.

So, what is Bright Data’s traffic being used for? Here are a few examples:

  • Huge online retailers – for collecting data on comparative pricing information.
  • Top websites – for testing their web sites from any city in the world.
  • Leading online travel agencies – for being able to price competitively.
  • Cybersecurity firms – for ensuring that sites are not malicious (not TrendMicro..)
  • Many more…

About HolaVPN – a partner of ours who was also mentioned in the report

The TrendMicro report sensationally reported that one of our business partners – HolaVPN – is a VPN that “leaks the users’ IPs”. TrendMicro didn’t do their homework in the Hola case as well.

For users that want to hide their IP, Hola offers a premium VPN ($3 per month for a subscription, similar to any other VPN), which hides the IP of their users just like most VPNs.

Unlike other VPNs (and this is what makes HolaVPN so popular, and a great partner for Bright Data), is that they offer a free version that allows access to most blocked sites on the web – which is the major use case for VPNs. Users that choose the free VPN choose to contribute their IP to the Bright Data network for this free product.

Consumers that do not want to contribute to the Bright Data network choose the Hola premium VPN which also hides their IP.

The writer took the position that the real benefits that Hola has provided to its 175 million customers are not worth the potential threats. To clarify, in the past 5 years and with 175 million customers Hola has had one issue of misuse for 4 minutes in 2015 (probably a better track record than your favorite credit card provider).

HolaVPN is a P2P based network – it uses the resources of its members to help others unlock web sites. This is the power of the HolaVPN network and another reason it’s a great Bright Data partner.

However, TrendMicro’s report determined that “users of HolaVPN don’t really share their internet connections with each other; instead, their web traffic is routed through a list of about a thousand exit nodes hosted in data centers”.

If the writer would have bothered asking Hola (they didn’t – but they did choose to send the report to the press 15 hours ahead of publishing it), they would have learned that this is a factual error.

Hola’s P2P model first sends requests to a Hola Super-server to establish that the requests are not malicious, and only then to other peers in the network. This server validates the traffic and blocks potentially malicious traffic from a malicious peer. The misguided TrendMicro researcher thought that the server traffic was replacing the P2P traffic, traffic that it was actually monitoring.

Hola networks Ltd. and Bright Data Networks Ltd. are business partners, not the same company.
Bright Data was a Hola product, however, it was acquired in late 2017 by a private equity firm from London called EMK. Today Hola and Bright Data are completely different companies with joint commercial interests (and good friends).

Full transparency.

Our mission is to make the Web’s unstructured data available to all businesses for making better business decisions. We make the Web transparent and we act with full transparency.

If you would like to hear more, ask a specific question or raise a concern, feel free to contact me personally:
Or Lenchner, CEO –

Thank you.

Or Lenchner - Bright Data CEO
Or Lenchner | CEO

Ever since his appointment as Bright Data's CEO, Or Lenchner, has continued to expand the company’s market base, as a data collection operator, dedicated to maintaining the openness, transparency, and integrity of the online ecosystem. Prior to his career at Bright Data, Lenchner founded and managed several web-based businesses, developing digital assets and online marketing programs. Joining Bright Data as head of product development, Lenchner’s career and evolvement at the company has been driven by his firm belief in a transparent, ethical-by-design web environment benefiting both, enterprises/businesses and consumers. Or is a young CEO and has a passion for data insights and using them to drive business growth.