Cyber Honey Trap: Hackers Hit PornHub Users With Malvertising Attack


This particular type of malware is known as "malvertising" as it causes more dodgy ads to spread, leading to more victims of the attack.

Millions of Pornhub users were targeted with a malvertising attack that sought to trick them into installing malware on their PCs, Proofpoint said.

The attack apparently had been active for over a year and "exposed millions of potential victims in the US, Canada, the United Kingdom, and Australia", according to Proofpoint, a security company cited by the Guardian.

In the case of Pornhub, Proofpoint said users were shown fake ads urging them to click to download a new version of, or a Flash update for, their web browser - but the download would instead infect their computers.

Visitors to adult website PornHub may have been infected by malware after hackers infiltrated the site's advertising supply chain, according to researchers. If the false update was downloaded, Kovter was then on the user's device, taking it over to click on fake ads on spam sites - earning cash for KovCoreG.

The hack was carried out by a group known as KovCoreG, which hoped to infect users with an ad fraud malware known as Kovter, Proofpoint said. If downloaded and activated by users, the software infected their computers with Kovter - a program that hijacks a computer and uses it to generate clicks on fake ads which generate money for the websites they're hosted on.

Although ad fraud was the name of the game this time, the payload could easily have been changed to infect users with ransomware, or information-stealers, Epstein added.

According to Epstein, this only confirms that attackers will always follow the money, and to do so they will continue to create ideal combinations of techniques involving social engineering, targeting, and pre-filtering to affect as many users as possible.

These malvertising campaigns are a popular mechanism for hackers to spread malware and Mark James, a security specialist at IT firm ESET, told The Guardian that Pornhub was a flawless target.

To stay protected against malware and malvertising, security expert Javvad Malik from the security firm AlienVault told Newsweek it's important that people remember not to click on links in pop-ups and to stay on reputable sites.

"There has been an upturn in the number of reputable organizations distributing malvertising", Malik says.

"The audience is possibly less likely to have security in place or active as people's perception is that it's already a dark place to surf". "Also, the user may be less likely to call for help and try to click through any popups or install any software themselves, not wanting others to see their browsing habits".