PornHub hackers taken down by FBI, Google

A huge cybercriminal network that had caused massive losses for advertising networks and advertisers has been dismantled. 

The news was confirmed by cybersecurity company Proofpoint, which was involved in analyzing and identifying the perpetrators alongside the FBI and Google.

The network, called 3ve (pronounced 'eve'), used almost two million hijacked devices to generate fake clicks on advertising. 

The group was responsible for Kovter, an ad fraud malware that generated fake ad views and clicks. It spread through email, as well as other means, and exposed millions of victims in the US, Canada, the UK, and Australia. 

It was also responsible for the malvertising attack against PornHub last year.

3ve hacking

The US Department of Justice has announced the indictment against 'several threat actors'. At the same time, Google announced it shut down the domains involved in these activities. 

"3ve operated on a massive scale: at its peak, it controlled over one million IPs from both residential botnet infections and corporate IP spaces, primarily in North America and Europe (for comparison, this is more than the number of broadband subscriptions in Ireland)," Google said.

"It featured several unique sub-operations, each of which constituted a sophisticated ad fraud scheme in its own right. Shortly after we began to identify the massive infrastructure (comprised of thousands of servers across many data centers) used to host 3ve’s operation, we found similar activity happening within a network of malware-infected residential computers."

Leave a Reply