Russian Pornhub hackers caused millions in damages

3 min


-4
-4 points

Cyber criminals based primarily in Russia hijacked ads on Pornhub to infect viewers’ computers with malware, causing millions of dollars in damages, according to a US indictment.

The criminals controlled more than 1.7 million infected computers, which were used without their owners’ knowledge to secretly load advertisements that they were collecting the revenue for, the US Department Of Justice has said.

Eight men – six from Russia and two from Kazakhstan – have been charged with cyber crimes. Three are awaiting extradition, while the others remain at large.

According to the unsealed indictment, businesses were left paying out more than $29m (£23m) for ads which were never viewed by real human internet users.

Also unsealed were seizure warrants allowing the FBI to take control of 31 internet domains and take information from 89 computer servers to shut down the botnet globally.

Pornhub at the 2018 AVN Adult Entertainment Expo at the Hard Rock Hotel & Casino on January 24, 2018 in Las Vegas, Nevada.
Image:
The criminals infected Pornhub viewers

The cyber criminals’ activities were detailed by information security firm Proofpoint, which explained how the attack on Pornhub worked.

Web browsers which navigated to Pornhub’s website were shown a fraudulent pop-up telling them to install an update to their web browser, or the Adobe Flash plugin.


But instead of a genuine update the downloaded file took control of the victim’s computer and began to run a hidden process clicking on ads which the criminals hosted on a fake web page.

Advertising fraud is a serious issue for web giants Facebook and Google, which generate the overwhelming bulk of their revenues by telling advertisers that their ads are reaching real people.

The use of bots to provide fake impressions is so prevalent on the internet that some advertisers only receive $0.01 for every $1 of impressions they pay for, according to Dr Augustine Fou, an independent advertising fraud researcher.

No figures are available on the fraud levels affecting Google and Facebook, but Dr Fou says that much of the fraud is getting too difficult to detect.

According to the justice department, the conspiracy required extensive efforts from the criminals to conceal that the ad impressions were computer generated.

“To create the illusion that real human internet users were viewing the advertisements loaded on to these fabricated websites, the defendants programmed the data centre servers to simulate the internet activity of human internet users,” it said.

This meant the servers were programmed for “browsing the internet through a fake browser, using a fake mouse to move around and scroll down a web page, starting and stopping a video player midway, and falsely appearing to be signed into Facebook”.

Details about browsers are all stored in cookies, which advertisers can check to gain more information on users.

The 13-count indictment charges eight men with various cyber crimes, including wire fraud.

The two Kazakh men have been arrested – Sergey Ovsyannikov was held last month in Malaysia, while Yevgeniy Timchenko was arrested earlier this month in Estonia.

Only one of the Russian citizens, Aleksandr Zhukov, has been arrested – which happened earlier this month in Bulgaria.


Like it? Share with your friends!

-4
-4 points
DownTheWing

Legend

0 Comments

Your email address will not be published. Required fields are marked *

Choose A Format
Personality quiz
Series of questions that intends to reveal something about the personality
Trivia quiz
Series of questions with right and wrong answers that intends to check knowledge
Poll
Voting to make decisions or determine opinions
Story
Formatted Text with Embeds and Visuals
List
The Classic Internet Listicles
Countdown
The Classic Internet Countdowns
Open List
Submit your own item and vote up for the best submission
Ranked List
Upvote or downvote to decide the best list item
Meme
Upload your own images to make custom memes
Video
Youtube, Vimeo or Vine Embeds
Audio
Soundcloud or Mixcloud Embeds
Image
Photo or GIF
Gif
GIF format