Millions of Pornhub users may have been spied on following hack

Share

Commenting on the PornHub malware in an email to Newsweek, Javvad Malik from the security firm AlienVault, said: "Malvertising campaigns are a favoured avenue for many attackers".

The cyberattack researchers learned that hackers used the virus to commit ad fraud malware, essentially manipulating the user's computer to click on specific ads, generating them money.

Researchers at cybersecurity firm Proofpoint discovered the malware campaign in adverts appearing alongside videos on PornHub.

Proofpoint said, having already "exposed millions of potential victims in the US, Canada, the United Kingdom, and Australia" to malware by pretending to be software updates to popular browsers. "In 2016, Google removed 12 million bad ads which, aside from malware, included illegal product promotion and misleading ads".

Delhi: Chief Minister Arvind Kejriwal's auto stolen near Secretariat
Singh is said to have filed a police complaint at the IP Estate police station about the theft that occurred at around 1 pm. Bigger dream of clean politics was sacrificed from winning Delhi.

Like other malvertising actors, the KovCoreG group is now focusing on redirecting users to social engineering sites (i.e. fake download), instead of redirecting users to websites hosting exploit kits.

A sign at the PornHub booth is displayed at the 2017 AVN Adult Entertainment Expo at the Hard Rock Hotel & Casino on January 18 in Las Vegas.

According to security firm Proofpoint which uncovered the operation, a hacker group known as KovCoreG hacked into Pornhub advertising and posted fake browser updates to induce visitors to click on them. The downloadable files were JavaScript (Chrome, Firefox) or HTA (IE, Edge) files that installed Kovter.

If you DID click the button (but everyone knows you NEVER click the button), then you should probably do a clean sweep of your computer stat, before the virus, which would've downloaded to your computer, starts scraping all of your personal information, browsing history, and a bunch of other potentially compromising material that we're sure you'd like to keep private. The malware is undetectable to the average user. These ads redirected the users to a scam website that was advertising a fake browser update scheme.

Russian flags removed from Russian consulate by USA authorities
Besides, they demanded that the Consulate General in San Francisco should be closed and the consul general's residence emptied. Entrance doors to the buildings were broken, while the buildings themselves were searched.

Despite the fact that this attack was limited to click fraud, Proofpoint experts warned that an attack of this kind can easily be modified to become a ransomware or data theft Trojan attack.

A man looks at pornography online, Hanover, Germany, 25 January 2006.

The attack has been active for more than a year and is ongoing elsewhere, but this particular infection pathway was shut down when the site operator and ad network were notified of the activity. This popularity makes it even more of a target for hackers. "This has led to an upturn in the number of reputable organizations distributing malvertising".

Google to integrate Duo App to Android by default
How about other Android phones from major OEMs (Original Equipment Manufacturers) like Samsung, LG, Sony, Xiaomi and others? Primarily, Google's video calling app Duo will be the main app that will make video call to anyone with the app installed.

Share