Millions of Pornhub users hacked by malware campaign

Bogus chrome update

Millions of Pornhub users hacked by malware campaign

The recent large-scale attack "exposed millions of potential victims in the US, Canada, the United Kingdom, and Australia" to malware, said experts from cybersecurity firm Proofpoint.

Security researchers have worked with key stakeholders to shut down a malvertising campaign that exposed millions of PornHub users to Kovter ad fraud malware for over a year.

The malvertising group behind the latest campaign, nicknamed KovCoreG by the researchers, used their ads on the porn site to redirect users to a scam site that asked them to download a browser update.

The users got different messages for downloading depending on their browser.

The ads, delivered via the Traffic Junky advertising network, tricked unsuspecting users of Google Chrome, Firefox and Microsoft Edge/Internet Explorer into installing bogus "critical" updates to their browsers.

The files downloaded Kovter, which can be used to run various kinds of malicious code, including ransomware and information-stealers.

Apparently, the attack was active for more than a year until the ad network, Traffic Junky, whose ads were being abused, and the adult site lowered the ads after being notified by Proofpoint.

Italian fashion house Gucci commits to 'sustainable' fur-free future
In June, Yoox Net-A-Porter ( YNAP.MI ), a multi-brand online luxury retailer, adopted a fur-free policy on accessories and clothing sold on the site.

Apple is partnering with LG for a foldable iPhone
Some sources claim that Apple may invest in LG's new plant to beef up OLED panel production though details are yet to be finalised.

Nokia 9 renders leaked, reveal thin bezels
At the right side of the phone is the power button and volume rocker, and, to the top is the secondary mic. The smartphone is also said to house a fingerprint scanner and will also feature an Iris Scanner as well.

Attacks on pornography sites are particularly useful for cyber-criminals, as many users are unlikely to report issues on sites such as this as they would rather keep certain elements of their browsing habits private. They said that "malvertising impressions are restricted by both geographical and ISP filtering".

Yahoo was also found to be displaying the malicious ads on its main website, yahoo.com, but as of last week they appeared to have been removed, independent security site ExecuteMalware said.

Still, researchers said the results of such malware could easily have been much more catastrophic when piggybacked on one of the world's most popular websites.

"This discovery underscores that threat actors follow the money and continue to ideal combinations of social engineering, targeting, and pre-filtering to infect new victims".

A spokesperson for PornHub told Newsweek that the website "acted swiftly" to remove the infected content and eliminate the risk to users who may be tricked into installing malicious updates.

According to Epstein this only confirms that attackers will always follow the money, and to do so they will continue to create and flawless combinations of techniques involving social engineering, targeting, and pre-filtering to affect as many users as possible.

Latest News