Hackers Penetrate PornHub Ads, Users Shafted By Wide Spread ‘Malvertising’ Campaign

Cybersecurity firm Proofpoint has uncovered a year-old scheme to infect PornHub users with malware while they’re blowing off steam; a ‘malvertising’ ad campaign which tricks users into downloading a ‘software update’ for Chrome, Firefox and Adobe Flash which tracks users and sends information to a third party.

Newsweek reports:

The so-called malvertising campaign reportedly exposed millions of potential victims in the U.S., Canada, the U.K. and Australia but has since been shut down after PornHub and its ad network were notified of the activity.

The malvertising group behind the latest campaign, nicknamed KovCoreG by the researchers, used their ads on the porn site to redirect users to a scam site that asked them to download a browser update.

Different variations were used with Chrome, Firefox and Internet Explorer to trick the user to download the update.

Instead of downloading the update, the user inadvertently installed Kovter, a variant of malware that allows hackers to track a victim’s traffic and personal information. Most users may not have even noticed a change in their systems when the malware downloaded, according to the researchers.

Javvad Malik from of security firm AlienVault, said: “Malvertising campaigns are a favoured avenue for many attackers. In 2016, Google removed 12 million bad ads which, aside from malware, included illegal product promotion and misleading ads.”

Meanwhile, PornHub said they “acted swiftly” to remove the infected content and eliminate the risk to users who may be tricked into installing malicious updates.

“While the payload in this case is ad fraud malware, it could just as easily have been ransomware, an information stealer, or any other malware.”

In other words – instead of just tracking user habits, the PornHub exploit could have raped wallets.

If you enjoy the content at iBankCoin, please follow us on Twitter