Belfast Telegraph

UK Website Of The Year

Pornhub hacked, exposing users’ viewing habits – but information will be kept private

Published 26/07/2016

Pornhub hackers: We have taken the perspective of an advanced attacker with the full intent to get as deep as possible
Pornhub hackers: We have taken the perspective of an advanced attacker with the full intent to get as deep as possible

Hackers have found their way into adult website Pornhub, potentially revealing some of its users’ most intimate secrets – but have committed not to do so.

Security researchers found their way into the site’s database, which includes sensitive user information about the people who use the site.

In the wrong hands, that information could prove a huge problem. Previous leaks of sensitive websites like Ashley Madison have had disastrous effects, spilling the secrets of users.

But the security researchers gave their hack up to the company, winning $20,000 in the process. That money came through Pornhub’s bug bounty programme, which encourages hackers to try and find flaws that need fixing and gives them a cash reward when they do so.

Many porn sites have been looking to get more secure as a result of the sensitive information they hold and the value they offer to potential hackers.

Read: Pornhub reveals what Northern Ireland users search for  

"Pornhub's bug bounty programme and its relatively high rewards on Hackerone caught our attention,” the hackers said in a detailed post about how exactly they had broken into the site. “That's why we have taken the perspective of an advanced attacker with the full intent to get as deep as possible into the system, focusing on one main goal: gaining remote code execution capabilities.”

Remote code execution is often seen as the main goal of hackers, since it allows them to run code on the attacked system without even being near it. Once that is done, hackers can often find their way into the deepest and most protected parts of the system, allowing them free rein over what they want to attack.

The hack will also help protect other websites that use PHP, a scripting language that is used across the internet.

Independent

Independent News Service

Your Comments

COMMENT RULES: Comments that are judged to be defamatory, abusive or in bad taste are not acceptable and contributors who consistently fall below certain criteria will be permanently blacklisted. The moderator will not enter into debate with individual contributors and the moderator’s decision is final. It is Belfast Telegraph policy to close comments on court cases, tribunals and active legal investigations. We may also close comments on articles which are being targeted for abuse. Problems with commenting? customercare@belfasttelegraph.co.uk

Read More