Published: Fri, October 13, 2017
Culture | By Stewart Greene

Cyber Honey Trap: Hackers Hit PornHub Users With Malvertising Attack

Cyber Honey Trap: Hackers Hit PornHub Users With Malvertising Attack

And although most of us practice safe browsing, with plenty of virus protection to guard us, our personal information, and our computers, the reality is that with advanced viruses created by hackers like the group supposedly responsible for this attack, KovCoreG, it's becoming increasingly more hard to know if you've been infected. The attack has been active for more than a year and is ongoing elsewhere, but this particular infection pathway was shut down when the site operator and ad network were notified of the activity.

Proofpoint said, having already "exposed millions of potential victims in the US, Canada, the United Kingdom, and Australia" to malware by pretending to be software updates to popular browsers.

PornHub is the 20th most-visited website in the USA, according to rankings site Alexa, and the 37th most popular in the world.

Updated | Hackers have targeted adult website PornHub for more than a year in an attempt to spread malware to the porn site's millions of users, according to new research.

Typically, the software generates revenue through clicking on fake adverts through online advertising fraud.

Downloading the software would lead to the user's computer systems becoming infected with the Kovter virus.

The fake advertisements encouraging users to infect themselves with the Kovter malware "could just as easily have been ransomware, an information stealer, or any other malware", said Proofpoint.

"This discovery underscores that threat actors follow the money and continue to flawless combinations of social engineering, targeting, and pre-filtering to infect new victims at scale".

"Pornhub's commitment to providing their viewers with an optimal online experience has made security a top priority, allowing us to respond quickly to cybercrime and safeguard our customers", says Corey Price, vice president of Pornhub.

To stay protected against malware and malvertising, security expert Javvad Malik from the security firm AlienVault told Newsweek it's important people keep in mind to not click on links in pop-ups and to stay on reputable sites. "The issue being that there are insufficient controls to place an advert with an ad network, making it far easier to get a malicious app accepted by an official app store".

Mark James, a security specialist at IT firm ESET, said that Pornhub was likely a preferred target for the bad actors.

"The audience is possibly less likely to have security in place or active as people's perception is that it's already a dark place to surf".

Like this: