Science

Millions of PornHub visitors 'exposed' to browser update malware

Millions of PornHub visitors 'exposed' to browser update malware”

Pornhub, the world's most popular adult website that boasts over 26 billion satisfied visitors each year, played host to a form of malware that "exposed millions of potential victims in the US, Canada, the United Kingdom, and Australia" to infection for more than a year.

Well, if you are you might have got more than you bargained for recently, as the Kovter malware was spread via poisoned ads served up by the X-rated adult PornHub site.

The malvertising group behind the latest campaign, nicknamed KovCoreG by the researchers, used their ads on the porn site to redirect users to a scam site that asked them to download a browser update.

The malware infected the victim's system by masquerading as fake updates for popular browsers including Chrome, Firefox, and Microsoft's Internet Explorer and Edge - as either a "critical" update for the browser itself, or for software such as Adobe Flash. "For users that pass these filters, the chain delivers a page containing heavily obfuscated JavaScript identical to that used by Neutrino and NeutrAds".

Yahoo was also found to be displaying the malicious ads on its main website, yahoo.com, but as of last week they appeared to have been removed, independent security site ExecuteMalware said.

"We are pleased that following our notification, the site and advertising network abused in this particular attack worked swiftly to remove the infected content and keep visitors safe", he concluded.

Surfers who have been visiting PornHub could have been hit by a major "malvertising" campaign which has been underway for over a year now.

PornHub is yet to comment on the Proofpoint claims.

"This discovery underscores that threat actors follow the money and continue to flawless combinations of social engineering, targeting, and pre-filtering to infect new victims".

Although ad fraud was the name of the game this time, the payload could easily have been changed to infect users with ransomware, or information-stealers, Epstein added.

"Once again, we see actors exploiting the human factor even as they adapt tools and approaches to a landscape in which traditional exploit kit attacks are less effective".

"This discovery underscores that threat actors follow the money and continue to ideal combinations of social engineering, targeting, and pre-filtering to infect new victims, Proofpoint added".



Like this

Latest


11 October 2017
Taylor Swift Is Finally Debuting Taymojis In The Year 2017
But Taylor Swift is still on the promo circuit, preparing to release her new album, Reputation on November 10. And similarly, it promises "exclusive" content and photos and direct engagement with Swift.

11 October 2017
How to Watch Honduras vs. Mexico
USA head coach Bruce Arena calls his team's failure to qualify for the World Cup "a blemish and a disappointment". The USA went down 2 - 1 and are not going to Russian Federation for the World Cup next year.

11 October 2017
Super Mario Odyssey: Ranking All 8 Revealed Kingdoms So Far
The game is out on October 27 for the Nintendo Switch, and will be a holiday must-buy for Switch owners. Even though the hard mode was not unlocked behind the toys, Fusion Mode was the one that was unlocked.

11 October 2017
Court orders IEBC to include Ekuru Aukot in repeat poll
He said that ThirdWay Alliance still believes that individuals at the IEBC who conducted shoddy polls need to be dealt with before next presidential election conducted.

11 October 2017
Bank of New York Mellon Corp Increases Stake in Tesco Corporation (TESO)
The fund owned 643,469 shares of the oil and gas company's stock after acquiring an additional 42,690 shares during the period. It last reported revenues of $7.78 million and EPSfor the June 2017, representing 49% top-line growth and 35.3 EPS growth.

11 October 2017
Host Hotels & Resorts Inc (NYSE:HST) Stock Price Up as Sentiment Improves
On average, analysts forecast that Host Hotels and Resorts Inc will post $0.77 earnings per share for the current year. This company shares are 5.4% off its target price of $19.33 and the current market capitalization stands at $13.48B.

11 October 2017
Amazon targets teen shoppers with new account sharing feature
Any time they make a purchase, teens will be able to include a note that explains (or argues) why they need the particular item. On this page, there's now a new option to add a teen, as well as configure the settings associated with their account.

11 October 2017
(EOG) Shares now up at $94.18 EOG Resources Appoints C. Christopher…
Tower Rech Capital Limited Co (Trc) has 0.18% invested in EOG Resources Inc (NYSE:EOG) for 17,906 shares. (NYSE:EOG) is 15.687274. Donaldson sold 6,167 shares of the business's stock in a transaction that occurred on Thursday, September 28th.

11 October 2017
Moving Fire Overwhelms Napa Home, Kills World War II Veteran and Wife
They have lived in Napa for 35 years, which is longer than they have lived anywhere else in their lives. Sara, an avid bridge player, took care of the family and a succession of handsome homes.

11 October 2017
BlackRock Beats Q3 Views As Investors Keep Pouring Money Into ETFs
The firm's share price was up 0.75 per cent in premarket trading at 2pm United Kingdom time. Fees from the company's index-tracking iShares rose 38 percent to $1.07 billion.



Recommended