Millions of people who visited Pornhub in the last year were targeted by a cyberattack that could install malware on their computers, according to a report from security firm Proofpoint.
Fake ads surrounding pornography videos were used to redirect users to a scam site that tried to trick them into downloading a file for a browser update. Different versions of the scam were used on Chrome, Internet Explorer, and Firefox.
If users opened the file, it would download an ad fraud malware called Kovter, a malicious software that lets hackers track a victim’s traffic. With that traffic, the attackers could take over someone’s system and use it to click on fake ads to generate revenue. The sites associated with those ads, typically spam sites, would then profit off the malware.
Here’s a convincing image of a fake update screen discovered by Proofpoint.
By the time the malware was discovered, it had already been in place for more than a year. Even more concerning is that most users wouldn’t notice that their system had just been taken over. However, things could have been a lot worse considering the access the hacking group KovCoreG was granted. “While the payload in this case is ad fraud malware, it could just as easily have been ransomware, an information stealer, or any other malware,” Proofpoint said.
The popularity of Pornhub makes this hack particularly alarming. The porn site is the 20th most visited website in the U.S. and 37th in the world, with 64 million visitors per day. Proofprint says the hack “exposed millions of potential victims in the U.S., Canada, the U.K., and Australia.”
Pornhub claims to have shut down the infected pathway.
There are a few easy steps you can take to make sure you’re not the subject of a malware attack. First, don’t click on sketchy ads, especially those on porn sites. If you do click, don’t press on any download links. Finally, put a good antivirus on your computer. Here’s a list of the best free ones on Mac and PC.
H/T Sky News