PornHub visitors hit with malware attack via poisoned ads


A cybersecurity firm confirmed Pornhub was affected by a malicious software (malware) for more than a year and may have affected millions of the adult website's subscribers.

Proofpoint said the attack was carried out by a group called KovCoreG, who endeavoured to infect devices with an ad fraud malware called Kovter.

The campaign was tightly focused, with ads being displayed only to users in the United Kingdom, the US, Australia and Canada, and further limited depending upon which ISP they used, said security firm Proofpoint in an advisory.

The so-called malvertising campaign used ads on the porn site, called KovCoreG, would redirect users to a scam site that tricked them to download a browser update.

He continued: "We are pleased that following our notification, the site and advertising network abused in this particular attack worked swiftly to remove the infected content". While Chrome and Firefox users were asked to click on such links to update their browsers with the latest fixes, Microsoft Edge users were offered an update to the Adobe Flash Player.

If you DID click the button (but everyone knows you NEVER click the button), then you should probably do a clean sweep of your computer stat, before the virus, which would've downloaded to your computer, starts scraping all of your personal information, browsing history, and a bunch of other potentially compromising material that we're sure you'd like to keep private. However, these clicks made money for criminals.

Amazon offers a new way for students to get a Prime membership
Once received, the parent confirms which payment method and shipping address will be used for teens' orders. Amazon wants to attract teenage shoppers with a new feature that lets them shop without their parents.

"While the payload in this case is ad fraud malware, it could just as easily have been ransomware, an information stealer, or any other malware", Proofpoint wrote in the report.

According to Epstein this only confirms that attackers will always follow the money, and to do so they will continue to create and ideal combinations of techniques involving social engineering, targeting, and pre-filtering to affect as many users as possible.

This article has been updated to include a comment from PornHub. "In 2016, Google removed 12 million bad ads which, aside from malware, included illegal product promotion and misleading ads". "The issue being that there are insufficient controls to place an advert with an ad network, making it far easier to get a malicious app accepted by an official app store".

"There has been an upturn in the number of reputable organizations distributing malvertising", Malik says.

These malvertising campaigns are a popular mechanism for hackers to spread malware and Mark James, a security specialist at IT firm ESET, told The Guardian that Pornhub was a flawless target.