Cyber Honey Trap: Hackers Hit PornHub Users With Malvertising Attack

A hacker collective known as KovCoreG has been targeting the users of the PornHub pornography website, tricking them into downloading and installing malware on their computers.

The attack apparently had been active for over a year and “exposed millions of potential victims in the US, Canada, the UK, and Australia”, according to Proofpoint, a security company cited by the Guardian.

Due to the hackers’ efforts, users visiting PornHub were redirected to another website where they were offered to download a software update for their browser or the Adobe Flash plugin. If downloaded and activated by users, the software infected their computers with Kovter – a program that hijacks a computer and uses it to generate clicks on fake ads which generate money for the websites they’re hosted on.

"While the payload in this case is ad fraud malware, it could just as easily have been ransomware, an information stealer, or any other malware. Regardless, threat actors are following the money and looking to more effective combinations of social engineering, targeting and pre-filtering to infect new victims at scale," Proofpoint warns.

According to the Guardian, PornHub did not comment on this development.

Mark James from the IT security company ESET also pointed out that PornHub was likely a preferred target for hackers because the website’s users are less likely to have active security countermeasures in place and would probably be reluctant to seek help in order to keep their browsing history secret.