For more than a year, hackers have been targeting Pornhub visitors with malware that seeks to track victim’s traffic and personal information, according to a new report.
The so-called malvertising campaign used ads on the porn site, called KovCoreG, would redirect users to a scam site that tricked them to download a browser update. There were variations for Chrome, Firefox and Internet Explorer. Researchers at cybersecurity firm Proofpoint discovered the malware.
Instead of actually updating the browser, the software actually installed Kovtar, a malware bug that gives hackers access to and tracks the victim’s traffic and personal information. The malware is undetectable to the average user.
Proofpoint shut the attack down easily, but said it was active for over a year, potentially affecting millions of victims primarily in the United States, Canada, the U.K. and Australia.
“The combination of large malvertising campaigns on very high-ranking websites with sophisticated social engineering schemes that convince users to infect themselves means that potential exposure to malware is quite high, reaching millions of web surfers,” the researchers wrote in a report of their findings.
How Pornhub users can protect against malware
Still, researchers said the results of such malware could easily have been much more catastrophic when piggybacked on one of the world’s most popular websites. With more than 26 billion visitors a year, Pornhub is largest porn site in the worl, the 20th most-visited website in the United States and the 37th most-popular in the world.
“While the payload in this case is ad fraud malware, it could just as easily have been ransomware, an information stealer, or any other malware.”
These malvertising campaigns are a popular mechanism for hackers to spread malware and Mark James, a security specialist at IT firm ESET, told The Guardian that Pornhub was a perfect target.
“The audience is possibly less likely to have security in place or active as people’s perception is that it’s already a dark place to surf,” he said. “Also, the user may be less likely to call for help and try to click through any popups or install any software themselves, not wanting others to see their browsing habits.”
To stay protected against malware and malvertising, security expert Javvad Malik from the security firm AlienVault told Newsweek it’s important people remember to not click on links in pop-ups and to stay on reputable sites.
“It is worth remembering that defenses will be breached periodically no matter, so it’s worth investing in threat detection controls so that any compromise can be quickly and reliably detected and thus responded to,” he said.
