A popular porn website has been hit by a massive malware attack

Surfers who have been visiting PornHub could have been hit by a major ‘malvertising’ campaign which has been underway for over a year now.

The malvertising strain in question is Kovter, and this is malware which fraudulently generates money by clicking on ads stealthily in the background, with the browser user unaware that anything is going on – although the malware payload could have easily been something even nastier like ransomware.

As the security firm which discovered this malware campaign, Proofpoint, observes, it infected the PornHub website via the Traffic Junky ad network, potentially affecting millions of users in the UK, US, Canada and Australia.

Critical cons

The malware infected the victim’s system by masquerading as fake updates for popular browsers including Chrome, Firefox, and Microsoft’s Internet Explorer and Edge – as either a ‘critical’ update for the browser itself, or for software such as Adobe Flash.

Having been notified of the malware activity, this particular avenue of attack has now been shut down by PornHub and Traffic Junky, but not before, as noted, millions of surfers have already been hit.

Of course, Kovter is active elsewhere on the net, and as Proofpoint notes: “Threat actors are following the money and looking to more effective combinations of social engineering, targeting, and pre-filtering to infect new victims at scale.”

  • Maybe Black Friday will see some good deals on antivirus software
  • Protect yourself and your identity online with the best VPN

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).