Possibly millions of people have been exposed to a malware program which tried getting into your computer. When they had some alone time a couple of weeks back, they could very well have been the target of hacker group called the KovCoreG group. They attacked 38th biggest website in the world, which you might or might not know, is www.pornhub.com. But what happened, and why did they do it? Let’s look further into it!
How did this happen
KovCoreG is known for distributing ad fraud malware, malware which infects your computer through an online advertisement. This attack was targeted at victims in different parts of the world. From the United States to Canada, but also the UK and as far as Australia. They abused the network of the Traffic Junky adverting company. (These are the companies that sell advertisement places on websites.) They showed you an advertisement, and when you clicked on it the program would check your geographical location and your internet service provider. If you would pass these filters, the program would prompt you for a critical update of your browser. Depending on which browser you used (Firefox, Chrome or Edge/Internet Explorer) the malware send you the corresponding prompt. Because the malware did not use any software exploits, you had to download the software yourself and open it on your computer. From that moment on, your computer is infected.
What is in it for them?
You could wonder, what is in it for them? What does the malware do? The malware itself does not do anything that harmful to your computer. One important thing it does do is click on fake advertisement on obscure websites, which in turns earns the programmers (KovCoreG) a profit. Installing the malware itself does not result in any profit, what the program does afterwards is where the money is made.
Why it is that bad
In general malware is rather harmful to computers. Combining sophisticated malware with convincing social engineering techniques makes the threat even higher. Combining this with a website that on annual basis 26 billion people visit to play a flute solo, it becomes a big threat. Proofpoint expects millions of people have been exposed, but does not provide an estimated for the actual people affected by the malware.
Prevention
Let’s talk about prevention. What can you, or society, do to prevent this from happening? A good way to start is to not believe everything you see online and install all the software you see popping up on your screen. The second solution is installing anti-virus software. But you probably already knew these things, so what can we do in the bigger scheme? First of all, cyber security is a hot topic in current politics. Even the to-be Dutch government raised their annual budget to 95 million euro. Deloitte recently posted a research report where they calculated that the yearly cost for cyber security are 10 billion euro alone in The Netherlands. The main risks are at the small- and medium-sized enterprises. In my option, both the government and companies should place cyber security higher on the corporate agenda. Creating a culture where security stand first, and adding two-step verification are quick fixes, but go a long way in combatting cyber security.
Sources used:
NU.nl. (2017, October 10). Malware richtte zich op miljoenen Pornhub-gebruikers . Retrieved on October 11, 2017, from https://www.nu.nl/internet/4958903/malware-richtte-zich-miljoenen-pornhub-gebruikers.html
Pheijffer, M. (2017, September 17). Op gebied van cybersecurity mag rol van overheid wel wat groter worden. Retrieved on October 11, 2017, from https://fd.nl/opinie/1220206/op-gebied-van-cybersecurity-mag-rol-van-overheid-wel-wat-groter-worden
Proofpoint. (2017, October 6). Kovter Group malvertising campaign exposes millions to potential ad fraud malware infections. Retrieved on October 10, 2017, from https://www.proofpoint.com/us/threat-insight/post/kovter-group-malvertising-campaign-exposes-millions-potential-ad-fraud-malware
RTL Nieuws. (2017, October 10). Regeerakkoord van kabinet-Rutte III: alle plannen op een rij. Retrieved on October 10, 2017, from https://www.rtlnieuws.nl/nederland/politiek/regeerakkoord-van-kabinet-rutte-iii-alle-plannen-op-een-rij
Traffic junky. (n.d.). Online Ad Network: Advertising & Publishing Solutions. Retrieved on October 11, 2017, from https://www.trafficjunky.com/