Popular online pornography site PornHub was serving ads with baked-in malware that infected users' computers by pretending to be important browser updates.
Security researchers from Proofpoint found that millions of PornHub users in the US, UK, Canada and Australia had been exposed to Kovter ad fraud malware for over a year. The KovCoreG group is believed to be responsible for distributing the Kovter ad fraud malware, so if you've visited PornHub recently, it might be a good idea to check your system for signs of infection.
The malware worked on all major browsers -- Chrome, Firefox, Microsoft Edge and Internet Explorer. Once fake updates had been downloaded, malware was installed on victims computers, and this in turn automatically clicked on ads to generate money for the developers of the malware.
PornHub is a very popular site, and that makes the threat relevant to many people. According to Alexa, the site is currently ranked the twentieth most popular site in the US, and thirty-seventh in the world.
Typically, if you are on a site that you would not want your grandmother knowing you are on, think twice - and then think twice more - about clicking any ads or downloading anything from there.
If you must click, double-check every link. In this particular case, the fake updates were coming from sites that obviously had no association with browser developers.
And of course, good cybersecurity solutions have multilayered protection that helps users avoid cyberthreats at several points of any cyberattack.