Year-long malvertising attack put millions of Pornhub users at risk of nasty infection

midian182


Pornhub, the world’s most popular adult website that boasts over 26 billion satisfied visitors each year, played host to a form of malware that “exposed millions of potential victims in the US, Canada, the UK, and Australia” to infection for more than a year.

Security firm Proofpoint detected the large-scale malvertising attack, which it says was carried out by the KovCoreG group as a way of infecting visitors with the Kovter ad fraud malware. The software performs click-fraud operations as a way of generating revenue for its authors.

The hackers infiltrated Pornhub’s Traffic Junky advertising network to push fake Edge, Firefox, Chrome, and Flash updates onto users. Downloading and installing the file would infect computers with Kovter, which could then use the machine to click on fake ads and generate money for websites.

“While the payload in this case is ad fraud malware, it could just as easily have been ransomware, an information stealer, or any other malware,” Proofpoint said. “Regardless, threat actors are following the money and looking to more effective combinations of social engineering, targeting and pre-filtering to infect new victims at scale.”

It was noted that Pornhub and the Traffic Junky ad network acted quickly to address the matter once they were made aware of the attack.

"The combination of large malvertising campaigns on very high-ranking websites with sophisticated social engineering schemes that convince users to infect themselves means that potential exposure to malware is quite high, reaching millions of web surfers," added Proofpoint.

Pornhub, which is rated as the 38th most popular website in the world by Alexa, has yet to comment on the matter.


 
"Pornhub, which is rated as the 38th most popular website in the world by Alexa, has yet to comment on the matter".
Perhaps a few years' free subscription to their 'services' would speak volumes for their users rather than the usual stock, standard & very predictable comments that nobody pays any attention to anymore.
 
I always use my iPad when, for one reason or the other (mostly curiosity), going to a site that I suspect might be dodgy.
 