Millions of PornHub users in the US, UK, Canada and Australia were targeted by a malicious advertising campaign lasting for more than a year. The malvertising attack tried to trick users of the world’s most popular porn site into installing fake browser updates.
Millions of PornHub users in the US, UK, Canada and Australia were targeted by a malicious advertising campaign lasting for more than a year. The malvertising attack tried to trick users of the world’s most popular porn site into installing fake browser updates.
Security researchers from Proofpoint found that PornHub users had been exposed to Kovter ad fraud malware for over a year. The KovCoreG group is believed to be responsible for distributing the Kovter ad fraud malware, so if you’ve visited PornHub recently, it might be a good idea to check your system for signs of infection.
The malware worked on all major browsers — Chrome, Firefox, Microsoft Edge and Internet Explorer — meaning the potential audience was in the millions. Once fake updates had been downloaded, malware was installed on victims computers, and this in turn automatically clicked on ads to generate money for the developers of the malware.
Reporting its findings, Proofpoint says:
While the infection has now been removed from PornHub, the malware is now out in the wild and it is possible that it may reappear via the Traffic Junky advertising network it initially took advantage of.
Image credit: vectorfusionart / Shutterstock
