Monday , 24 September 2018
Home >> C >> Communications >> Pornhub hack: Hackers hijacked ads with malware in year-long attack

Pornhub hack: Hackers hijacked ads with malware in year-long attack

SECURITY FIRM Proofpoint has posted about a recent malvertising attack on top 25 website Pornhub that could have caused masturbators some sleepless nights.

Pornhub is a popular site that sits comfortably at number 21 on Alexa’s US website rankings. That would seem to make it a popular target for hackers too, and it is.

Proofpoint reports that a hacking group called KovCoreG group placed its malvertising badness on Pornhub that could have put millions of masturbators at risk. Fortunately, it was shut down quicker than the lid of a laptop when someone enters a room unexpectedly, however, ProofPoint said it was active for over a year.

“Proofpoint researchers recently detected a large-scale malvertising attack by the so-called KovCoreG group, best known for distributing Kovter ad fraud malware and sitting atop the affiliate model that distributes Kovter more widely,” wrote the team at Proofpoint.

“This attack chain exposed millions of potential victims in the US, Canada, the UK, and Australia, leveraging slight variations on a fake browser update scheme that worked on all three major Windows web browsers. The attack has been active for more than a year and is ongoing elsewhere, but this particular infection pathway was shut down when the site operator and ad network were notified of the activity”.

While it was live, it was a nasty infection that abused the Traffic Junky advertising network however on discovery Pornhub and Traffic Junky shut it down and sent in a man with a mop to wipe things down and clear up a bit. Users may have been fooled into an OS update or a Flash update, and accepted their pop up instructions just so that they could get on with the show.

Proofpoint said that it could have been a lot worse. “The combination of large malvertising campaigns on very high-ranking websites with sophisticated social engineering schemes that convince users to infect themselves means that potential exposure to malware is quite high, reaching millions of web surfers,” it explained.

“Once again, we see actors exploiting the human factor even as they adapt tools and approaches to a landscape in which traditional exploit kit attacks are less effective. While the payload in this case is ad fraud malware, it could just as easily have been ransomware, an information stealer, or any other malware.” µ



  • <!–

  • Save this article

  • –>

==[ Click Here 1X ] [ Close ]==