Year long cyber attack targets “millions” of Pornhub users


Millions of users of the world’s most visited adult content site have been tricked into downloading malware onto their computers.

According to researchers from cyber security firm Proofpoint, hackers hijacked advertising displayed on Pornhub to infect millions of users with malware.

The technique used by the hackers is known as malvertising and targeted visitors to Pornhub for more than one year.

While the Pornhub site wasn’t directly compromised, advertising networks which display ads on the site were.

The attack was carried out by a group known as KovCoreG, who infected users with a form of malware dubbed Kovter, Proofpoint said in a blog post.

The hackers then used the malware to generate fraudulent ad revenue by tricking users into clicking on fake ads.

Proofpoint said that users on Pornhub were tricked into clicking on an ad informing them they needed to install an update for Adobe Flash Player.

Proofpoint said “millions” of users “were potentially exposed to ad fraud malware due to the latest series of large-scale KovCoreG group malvertising campaigns.”

“We are pleased that following our notification, the site and advertising network abused in this particular attack worked swiftly to remove the infected content.

“Very few groups have the capability to abuse the advertising chains of some of the world’s most visited websites; however, the KovCoreG group is one of them.

“This discovery underscores that threat actors follow the money and continue to perfect combinations of social engineering, targeting, and pre-filtering to infect new victims, Proofpoint added”.


Comments are closed.