Millions of Pornhub users hacked by malware campaign

13 2017. Capitalizing on spying tools believed to have been developed by the U.S. National Security Agency hackers staged a cyber assault with a

Millions of Pornhub users hacked by malware campaign

PornHub - and its Traffic Junky network - were chosen because of its popularity: the 38 most visited site in the world, according to Proofpoint.

Proofpoint said "millions" of users "were potentially exposed to ad fraud malware due to the latest series of large-scale KovCoreG group malvertising campaigns". It is best known for distributing Kovter ad fraud malware and sitting atop the affiliate model that distributes Kovter more widely.

In this case, the malicious ads determined which browser the user was running, and then displayed different scam pages to different users.

The malware infected the victim's system by masquerading as fake updates for popular browsers including Chrome, Firefox, and Microsoft's Internet Explorer and Edge - as either a "critical" update for the browser itself, or for software such as Adobe Flash. When a file was downloaded, it installed Kovtar.

"The chain begins with a malicious redirect hosted on avertizingms [.] com, which inserts a call hosted behind KeyCDN, a major content delivery network", Proofpoint writes.

It appears that malvertising impressions are restricted by both geographical and ISP filtering. In instances like this, it is often the advertising network that was more directly targeted, rather than the website in question.

Intel works on "next stage" of quantum computing
This is the reason why the death of Moore's Law feels imminent, and why this time Moore's Law dying is not just a false alarm. Intel delivered the chip to a Dutch institute, QuTech, which is partnering with Intel on research into quantum computing.

As a result it remained undetected for more than a year, and is believed to continue elsewhere, Proofpoint said.

He continued: "We are pleased that following our notification, the site and advertising network abused in this particular attack worked swiftly to remove the infected content".

A hacker collective known as KovCoreG has been targeting the users of the PornHub pornography website, tricking them into downloading and installing malware on their computers.

Like other malvertising actors, the KovCoreG group is now focusing on redirecting users to social engineering sites (i.e. fake download), instead of redirecting users to websites hosting exploit kits.

Despite the fact that this attack was limited to click fraud, Proofpoint experts warned that an attack of this kind can easily be modified to become a ransomware or data theft Trojan attack.

According to Epstein this only confirms that attackers will always follow the money, and to do so they will continue to create and ideal combinations of techniques involving social engineering, targeting, and pre-filtering to affect as many users as possible.

Latest News