Millions of Pornhub users may have been spied on following hack


A cybersecurity firm has confirmed Pornhub was affected by a malicious software (malware) for more than a year and may have affected millions of the adult website's subscribers.

The attack apparently had been active for over a year and "exposed millions of potential victims in the US, Canada, the United Kingdom, and Australia", according to Proofpoint, a security company cited by the Guardian.

Known as 'malvertising, ' the attack by malware group KovCoreG tricked users of the world's most popular porn site, Pornhub, into installing fake browser updates and then clicking on pay-per-click adverts in the background, without the unwitting users ever knowing. The discovery was disclosed on 6 October.

Millions of users in the U.S., UK, Canada and Australia are at potential risk, as a hacking group called KovCoreG (best known for distributing Kovter ad fraud malware) recently trapped the users with fake browser and flash updates, according to researchers at Proofpoint who discovered the attack. It's used as a way to get people to click on fake adverts, generating revenue for cybercrime outfits.

"This discovery underscores that threat actors follow the money and continue to ideal combinations of social engineering, targeting, and pre-filtering to infect new victims at scale".

'The attack has been active for more than a year and is ongoing elsewhere, but this particular infection pathway was shut down when the site operator and ad network were notified of the activity, ' they added.

You might have been infected by the virus if after visiting the site, a new tab would pop up on your computer claiming that a "critical update" was required for the web browser you were using (Chrome, FireFox, Safari, etc), with a button instructing you to "Update Now", or something along those lines.

If they clicked through their machine was infected with Kovter, a highly persistent malware which in this case was used to commit ad fraud. It initially started out in 2014 as a police ransomware that cunningly disguises its demands as official-looking warning messages from a local law enforcement agency. "Also, the user may be less likely to call for help and try to click through any popups or install any software themselves, not wanting others to see their browsing habits".

"Pornhub's commitment to providing their viewers with an optimal online experience has made security a top priority, allowing us to respond quickly to cybercrime and safeguard our customers", says Corey Price, vice president of Pornhub.