Monday, December 4, 2023

Hackers using Malware that Steal Premium Users Credentials from Pornhub, XVideos to sell it in Dark Web

New Threat report revealed that Credential stealing malware were dramatically increased in 2018 that target the adult websites premium users credentials to selling it in dark web.

These credentials are most wanted data in underground market place in Dark web where cybercriminals selling these stolen data for thousands.

It very common that pornography website is associated with malware and sophisticated cyber threats since the platform contains a high traffic rate.

For an example last year, a government employee who accessed around 9000 pornographic web pages in his workplace that leads to compromised his device and infected the entire government network.

One step ahead, malicious ads from adult website leads the victim to install the malicious applications on their devices and steal the banking related credentials.

Researchers from Kaspersky Lab discovered many of malicious samples that perform credential stealing activities from most popular pornographic websites.

Also, Researcher states that credentials to pornography website accounts are themselves quite a valuable commodity to be sold online both internet and dark web underground markets.

Some of the Facts in Last year Attack from Adult websites

Cybercriminals using a lot of technique to spreading their malware among pornography websites by promoting the porn related tags in Google search.

Kaspersky statement said The 20 most popular make up 80% of all malware disguised as porn. Overall, 87,227 unique users downloaded porn-disguised malware in 2018.

Nearly 650,000 users affected in 2018 that drops from the adult websites and most of the malware dropped intended to steal the premium porn website accounts.

Adult content websites premium accounts credentials price doubled last year and these credentials are highly demanded on the dark web underground market.

In 2018, Kaspersky Lab identified at least 642 families of PC threats disguised under one common pornography tag and 89% Android-based malware from porn website posed as adware.

In other ways, threat actors targeting users via phishing attack that posed as well known adult website such as xvideos, xnxx, pornhub where users trick to give away their information.

“According to Kaspersky research, Pornographic content phishing can also be used to install malicious software. For example, to access an alleged adult video, the phishing page requires the user to download and update a video player.”


“Whether it is worth it or not, some users agree that the price of premium accounts to popular pornography websites is rather high. For example, monthly memberships can vary from $20 to $30, and annual unlimited access costs might scale from $120 to $150. This is where cybercriminals enter the fray. kaspersky said. You can also read the detailed report here.

Awareness Tips

  • Before clicking any link, check the link address shown, even in the search results of trusted search engines. If the address was received in an e-mail, check if it is the same as the actual hyperlink.
  • Do not click on questionable websites when they are offered in search results and do not install anything that comes from them.
  • If you wish to buy a paid subscription to an adult content website – purchase it only on the official website. Double check the URL of the website and make sure it is authentic.
  • Check any email attachments with a security solution before opening them –especially from dark web entities (even if they are expected to come from an anonymous source).
  • Patch the software on your PC as soon as security updates for the latest bugs are available.
  • Do not download pirated software and other illegal content. Even if you were redirected to the webpage from a legitimate website.

Related Read

Hackers Launching Trickbot Malware That Steals VNC, PuTTY and RDP Credentials

New Unpatched macOS Flaw Allow Hackers to Spy on Safari Browser History

Website

Latest articles

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles