Pornhub hack: Millions of people using adult video site could have been spied on
The virus had been making its way into users' computers for more than a year
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Pornhub was hit by a hack that means anyone who used it could have contracted a virus.
A secret, malicious advert has been running on the free pornography site for more than a year. And it works by infiltrating people's computer and then having their machine taken over, all without a users' knowledge.
The problem was shut down almost as soon as it was discovered. But it has been running quietly for more than a year – and the damage could have spread across the entire internet.
The hack worked by showing an advert on the Pornhub page that appeared to be a browser or operating system update. That would trick a user into clicking on it and installing the software.
But once it was installed, that software would actually take over a users' computer and use it to click on fake ads, putting its owners' safety in danger to generate money. That's according to Proofpoint, the security firm that discovered the malicious software.
It pointed out that the damage could easily have been much worse – potentially taking people's browsing data or using the access to their computer to commit fraud.
“While the payload in this case is ad fraud malware, it could just as easily have been ransomware, an information stealer, or any other malware,” Proofpoint said. “Regardless, threat actors are following the money and looking to more effective combinations of social engineering, targeting and pre-filtering to infect new victims at scale.”
The virus and the hack didn't revolve around the fact that the site exists to provide free adult videos, and the hack may have been active on other websites too. But the fact it came from such a page makes people more vulnerable, since they are less likely to report such attacks and since so many people visit them.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments