Science

Millions of PornHub visitors 'exposed' to browser update malware

Millions of PornHub visitors 'exposed' to browser update malware”

Pornhub, the world's most popular adult website that boasts over 26 billion satisfied visitors each year, played host to a form of malware that "exposed millions of potential victims in the US, Canada, the United Kingdom, and Australia" to infection for more than a year.

Well, if you are you might have got more than you bargained for recently, as the Kovter malware was spread via poisoned ads served up by the X-rated adult PornHub site.

The malvertising group behind the latest campaign, nicknamed KovCoreG by the researchers, used their ads on the porn site to redirect users to a scam site that asked them to download a browser update.

The malware infected the victim's system by masquerading as fake updates for popular browsers including Chrome, Firefox, and Microsoft's Internet Explorer and Edge - as either a "critical" update for the browser itself, or for software such as Adobe Flash. "For users that pass these filters, the chain delivers a page containing heavily obfuscated JavaScript identical to that used by Neutrino and NeutrAds".

Yahoo was also found to be displaying the malicious ads on its main website, yahoo.com, but as of last week they appeared to have been removed, independent security site ExecuteMalware said.

"We are pleased that following our notification, the site and advertising network abused in this particular attack worked swiftly to remove the infected content and keep visitors safe", he concluded.

Surfers who have been visiting PornHub could have been hit by a major "malvertising" campaign which has been underway for over a year now.

PornHub is yet to comment on the Proofpoint claims.

"This discovery underscores that threat actors follow the money and continue to flawless combinations of social engineering, targeting, and pre-filtering to infect new victims".

Although ad fraud was the name of the game this time, the payload could easily have been changed to infect users with ransomware, or information-stealers, Epstein added.

"Once again, we see actors exploiting the human factor even as they adapt tools and approaches to a landscape in which traditional exploit kit attacks are less effective".

"This discovery underscores that threat actors follow the money and continue to ideal combinations of social engineering, targeting, and pre-filtering to infect new victims, Proofpoint added".



Like this

loading...
loading...

Latest


11 October 2017
Ivana Trump Takes Credit For President Trump's Success, Bashes Marla Maples
And then, as she told GMA , there was the time that the president protested to naming his firstborn after himself. In 1990, Trump's affair with Marla Maples spawned an infamous New York Post headline: " Best Sex I've Ever Had ".

11 October 2017
PM bows to Jayprakash Narayan, remembers Nanaji Deshmukh on birth anniversaries
The exhibition showcases good practices and applications, as well as schemes and initiatives of the Ministry of Rural Development. Speaking on contributions of Loknayak JP, PM Modi said that JP was deeply popular among youngsters.

11 October 2017
EQT GP Holdings, LP (NYSE:EQGP) Under Analyst Spotlight
The firm earned "Hold" rating on Thursday, July 20 by Stifel Nicolaus. 8/16/2016-Credit Suisse Group Reiterated Rating of Neutral. The (Simple Month Average) SMA20 is at -2.24 percent, its SMA50 Value is 0.07% and SMA200 value is reported as 3.22 Percent.

11 October 2017
Host Hotels & Resorts Inc (NYSE:HST) Stock Price Up as Sentiment Improves
On average, analysts forecast that Host Hotels and Resorts Inc will post $0.77 earnings per share for the current year. This company shares are 5.4% off its target price of $19.33 and the current market capitalization stands at $13.48B.

11 October 2017
No impact on USA military ops amid Turkey row: Pentagon
The embassy on Thursday said it was "deeply disturbed" over the arrest and rejected the allegations as "wholly without merit". Turkish President Recep Tayyip Erdogan has described a U.S. decision to suspend most visa services as "upsetting".

11 October 2017
Adrian Peterson Fantasy Value Rises After Trade, Jerick McKinnon Comparison
Peterson has at times seemed unhappy sharing carries with running backs Mark Ingram and Alvin Kamara. Peterson carried the ball 27 times for a 81 yards in four games with the Saints.

11 October 2017
Philip Morris International's (PM) Outperform Rating Reaffirmed at Wells Fargo & Company
Perpetual Ltd acquired a new stake in Philip Morris International during the 2nd quarter worth about $1,867,000. (NYSE:PM). Deroy And Devereaux Private Inv Counsel has invested 0.04% of its portfolio in Philip Morris International Inc. (NYSE:PM).

11 October 2017
Red Sox manager John Farrell won't return in 2018
They were swept out of the Division Series by the Indians last season and lost 3-1 to the Astros this year. In total, his record as the manager stands at 432-378, earning three division titles (2013, 2016, 2017).

11 October 2017
BMW X5 Special Edition and X6 M Sports Edition Revealed
Just like the X6 M Sport you can have the "SPecial Edition" option right across the X5 range, apart from on the M50d. Courtesy of BMW Individual, customers can opt for the Merino leather upholstery available in five color choices.

11 October 2017
Trump warns TV networks after nuke report
It's unclear how Trump's suggestion would work, as only television stations are subject to FCC licensing, not the networks. President Donald Trump dismissed another NBC story Wednesday, declaring that the media outlet is as fake as CNN.