Uh-Oh! Most visited porn site spreading nasty malware
Cybercriminals are always targeting popular websites to find new victims. This makes sense when you think about it. The more users a site has, the more potential victims there are.
That brings me to the latest site that is infecting visitors’ gadgets with malware. Let me apologize in advance, the affected site can be considered unseemly by many, as it’s a popular porn site.
Watch out for this nasty ‘malvertising’ campaign
We’re talking about one of the most visited porn sites in the U.S., it’s called PornHub. Millions of visitors to the site over the past year could have had their device infected with malware.
It’s actually a ‘malvertising’ campaign that was discovered recently by researchers at Proofpoint. Malvertising is when hackers put malicious code into a digital ad and submit it to an ad network or place it as a link on a site. It then appears on websites and can infect your system with malware if you click on it.
What’s happening is, cybercriminals are infecting gadgets of those visiting PornHub with the Kovter Trojan. Once it downloads, Kovter hijacks your device and racks up thousands of phony clicks on online ads behind the scenes.
These clicks generate revenue for the hackers. That doesn’t make it especially dangerous to you, but if it can sneak onto your system, it’s a good bet something more dangerous can get in as well like ransomware. It can also cause your system to run super slow.
The threat also impacts the device’s memory. Meaning, even if the originally infected file is deleted, your system can be reinfected. It does this by using your gadget’s registry as a mechanism to ensure the malware is loaded each time the infected gadget is re-started.
PornHub users are being tricked into clicking a malicious link found on the site. Users on the site are being taken to fraudulent pages that look like an update to whatever browser they are using, for example, Chrome and Firefox. It could also come in the form of an update to Adobe’s Flash player.
Warning! Do NOT click on any of these updates.
Instead of getting the update, your system will be infected with the Kovter virus. Here’s an example of what a fraudulent, malicious update looks like:
Note: If you are reading this article using the Komando.com app, click here to see the example image.
Proofpoint researchers said, “This campaign uses clever social engineering to trick users into installing fake updates that appear as soon as they visited a page containing a malicious ad. Once users clicked on what they thought was an update file, they may not have even noticed a change in their systems as malware opened an invisible web browser process, clicked on ads, and generated potential revenue for cybercriminals.”
Malware spreading like this isn’t limited to PornHub users. Cybercriminals can target users of any site at any time. Here are some suggestions to stay safe while surfing the internet.
Have strong security software
Make sure you’re using strong antivirus software on all of your gadgets. And keep them up-to-date for the best protection. This is the best way to keep your device from being infected with malware.
Set up two-factor authentication
Two-factor authentication, also known as two-step verification, means that to log in to your account, you need two ways to prove you are who you say you are. It’s like the DMV or bank asking for two forms of ID. This adds an extra layer of security and should be used whenever a site makes it available. Click here to learn how to set up two-factor authentication.
Use unique passwords
Many people use the same password for multiple websites. This is a terrible mistake. If your credentials are stolen on one site and you use the same username and/or password on others, it’s easy for the cybercriminal to get into each account. Click here to find out how to create hack-proof passwords.
Be cautious with links
Do not follow web links in unsolicited emails, text messages, or websites claiming that your browser needs to be updated. It could be a phishing attack.
Cybercriminals always take advantage of popular websites and trending news stories to try and find new victims. That’s why you need to be able to recognize a phishing scam. One thing to watch for with phishing attacks are typos, criminals are typically careless with spelling and grammar. If you receive an email or notification from a reputable company, it should not contain typos.
Click here to take our phishing IQ test to see if you can spot a fake email.
A virus or malware can infect your device from many sites these days, read this article to know if your gadget is infected.
It used to be confined to desktops and laptops but now, more than ever, mobile gadgets such as our smartphones and tablets are being targeted with viruses, malware, spyware, ransomware, adware – just about any type of “ware” cybercrooks can think of. Android gadgets, in particular, are more vulnerable to these kinds of attacks.
Click here and I’ll tell you what to look for and steps to remove the infection.
Tags: cybercriminals, malware, security, web browser