PornHub Visitors May Have Been Infected by Hackers

PornHub Visitors May Have Been Infected by Hackers

By the time the attack was uncovered, it had been active "for more than a year", Proofpoint said, having already "exposed millions of potential victims in the US, Canada, the United Kingdom, and Australia" to malware by pretending to be software updates to popular browsers.

Different variations were used with Chrome, Firefox and Internet Explorer to trick the user to download the update.

"Once users clicked on what they thought was an update file, they may not have even noticed a change in their systems as the malware opened an invisible web browser process, clicked on ads, and generated potential revenue for cybercriminals", stated Proofpoint vice president of operations Kevin Epstein.

Pornhub is a popular site that sits comfortably at number 21 on Alexa's USA website rankings.

The files downloaded Kovter, which can be used to run various kinds of malicious code, including ransomware and information-stealers. The attack has been active for more than a year and is ongoing elsewhere, but this particular infection pathway was shut down when the site operator and ad network were notified of the activity.

"The chain begins with a malicious redirect hosted on avertizingms [.] com, which inserts a call hosted behind KeyCDN, a major content delivery network", Proofpoint writes.

PornHub Visitors May Have Been Infected by Hackers
PornHub Visitors May Have Been Infected by Hackers

It appears that malvertising impressions are restricted by both geographical and ISP filtering.

However, the malicious ads have now been removed by both the ad network and the adult website. Epstein also commended the website and advertising network for their incredibly swift response following the notification from Proofpoint.

Commenting on the PornHub malware in an email to Newsweek, Javvad Malik from the security firm AlienVault, said: "Malvertising campaigns are a favoured avenue for many attackers".

"This discovery underscores that threat actors follow the money and continue to ideal combinations of social engineering, targeting, and pre-filtering to infect new victims".

Researchers said the campaign demonstrates a "dramatic decline" in the use of exploit kits over the past year, with KovCoreG instead relying on social engineering techniques - in this case, a scam posing as a security alert.

According to cybersecurity company Proofpoint, the hackers' attack may have "exposed millions of potential victims in the US, Canada, the United Kingdom, and Australia", using fake updates, which "could just as easily have been ransomware, an information stealer, or any other malware". "Regardless, threat actors are following the money and looking to more effective combinations of social engineering, targeting and pre-filtering to infect new victims at scale", Proofpoint warns.

Related Articles

  • United Nations pulls staff from Malawi after vampire scare

    Both belief in and a fear of witchcraft is still widespread in Malawi, which remains one of the world's poorest countries . President Peter Mutharika has promised to investigate those killings.
    NASA astronauts successfully complete second of three spacewalks for ISS maintenance

    NASA astronauts successfully complete second of three spacewalks for ISS maintenance

    The 68P will take just two orbits around Earth and dock to the station less than three-and-a-half hours later. Launched in 2001 with the rest of the robot arm, the original latches were showing their age.

    Archer-Daniels-Midland Company (ADM) Given Average Rating of "Hold" by Brokerages

    At present, 0 analysts recommended Holding these shares while 0 recommended sell, according to FactSet data. BMO Capital Markets downgraded the shares of ADM in report on Friday, January 6 to "Market Perform" rating.
  • Hamas delegation goes to Egypt for reconciliation talks

    Hamas delegation goes to Egypt for reconciliation talks

    Earlier Saturday, Hamas said it had arrested four senior Islamic State members, including the group's leader in the coastal enclave.

    Analyst Commentary On AMC Entertainment Holdings, Inc. (AMC), Cambrex Corporation (CBM)

    AMC Entertainment Holdings, Inc . shares increased 3.4 percent over the past week and rose 10.14 percent over the previous month. Finally, Janus Capital Management LLC grew its holdings in shares of AMC Entertainment Holdings by 0.3% in the first quarter.

    Pizza Hut's new 'pizza parka' will insulate you like a fresh pie

    The restaurant chain said it has spent more than two years looking at ways to ideal the design. In addition, the new box will come with a new tray for the pizza to sit on.
  • Analyst Recommendations And Revisions: Fidelity National Financial, Inc. (FNF)

    The New York-based Wellington Shields Capital Mngmt Limited has invested 0.25% in FNF Group of Fidelity National Financial, Inc . Two equities research analysts have rated the stock with a hold rating and four have given a buy rating to the company's stock.

    Summit Securities Group LLC Reduces Stake in UnitedHealth Group Incorporated (UNH)

    Argus restated a "buy" rating and set a $170.00 target price on shares of UnitedHealth Group in a report on Monday, January 23rd. E&G Advisors Lp increased Vanguard Intl Equity Index F (VGK) stake by 19,484 shares to 61,237 valued at $3.38 million in 2017Q2.
    '13 Reasons Why' Season 2 Shuts Down Production Due to California Wildfires

    '13 Reasons Why' Season 2 Shuts Down Production Due to California Wildfires

    Many members of the cast and crew who now live in the region during filming have been flown home as a courtesy . There are more people there in need of help than can even be expressed in words.
  • Adrian Peterson adds yards after contact to Cardinals offense

    Adrian Peterson adds yards after contact to Cardinals offense

    The Cardinals undoubtedly are under no illusions that Adrian Peterson is the running back he was in his prime. He signed with the Saints this offseason as the next chapter in his career as a 32-year-old.
    Vanguard Dividend Appreciation ETF

    Vanguard Dividend Appreciation ETF

    Traders often add the Plus Directional Indicator (+DI) and Minus Directional Indicator (-DI) to identify the direction of a trend. The Average Directional Index or ADX is a technical analysis indicator used to describe if a market is trending or not trending.
    Citigroup Downgrades Rating On Axalta Coating Systems Ltd. (AXTA) To

    Citigroup Downgrades Rating On Axalta Coating Systems Ltd. (AXTA) To "Sell"

    BidaskClub lowered Axalta Coating Systems from a "hold" rating to a "sell" rating in a research report on Thursday, July 27th. Fairfield Bush & Communications holds 0.09% of its portfolio in Accelerate Diagnostics Inc (NASDAQ:AXDX) for 10,840 shares.