Cyber security firm Proofpoint has released a report outlining how millions of people in the UK, US, Canada, and Australia may have been infected by malware that hackers managed to insert into the adverts on adult website PornHub.
The hacker group responsible for the attack is known as KovCoreG, and they managed to develop malvertising that delivered fake browser updates for the widely used Internet browsers: Chrome, Microsoft Edge/Internet Explorer, and Firefox. Specifically, they exploited the ad systems offered by Traffic Junky. The ads would tell users they needed to apply a critical update so that the users, thinking it was an actual message from their browser, would run the malware and infect themselves.
Ad networks offer sophisticated filtering to vendors, and hackers are increasingly using these, combined with intelligent social engineering, to hijack the advertising inventories that give them access to very popular websites where they can then target people operating specific software with certain vulnerabilities.
Hackers are continuously finding new and crafty ways to infect people's systems and it often takes time for the victims to realize what they are getting away with, in this instance, the campaign had been in place for over a year before being discovered. Proofpoint has said that as soon as PornHub as well as Traffic Junky were notified of the discovery they both acted quickly to try and deal with the threat. But there may be a whole host of new techniques that hackers have developed since then, and are using right now, so it pays to use a proper up-to-date anti-malware software, and be mindful of the things we click on when surfing around the internet.
Source: Proofpoint via SkyNews |Images via Proofpoint
27 Comments - Add comment