Pornhub penetrated by hackers: Pays a bounty to protect your dirty data
A hacking group has gained access to leading porn website Pornhub, highlighting an exploitation that can be made via the the site's PHP coding.
PornHub was hacked by a group
The brand paid out a bounty of $20,000 to cyber-security group Evonide for alerting it to the vulnerability back in June. In return, the group relinquished control of the site, choosing not to leak any data on users and their viewing habits, news which would be a relief to many no doubt (see Ashley Madison leak).
The group drafted a statement on its website detailing the hack, penned by Ruslan Habalov and hacker Dario Weißer, it read: “Pornhub’s bug bounty program and its relatively high rewards on Hackerone caught our attention.
"That’s why we have taken the perspective of an advanced attacker with the full intent to get as deep as possible into the system, focusing on one main goal: gaining remote code execution capabilities. Thus, we left no stone unturned and attacked what Pornhub is built upon: PHP.”
With the access the group secured it could have dumped all the user data, track specific users’ habits, or even dump the source code of the site.
The process is understandably complicated, if you want to get deeper into it, check out Evonide’s blog.