Skip to main content

PornHub security breach turns out to be a well-executed hoax

south carolina porn blocker installed new internet connected devices pornhub
123RF
This past weekend, news broke that PornHub had been breached, allowing hackers to sell access to a subdomain to the site for a mere $1,000.

It turns out that story was just a hoax.

As reported by CSOOnline, the hacker, who goes by 1×0123 on Twitter, tweeted an image showing that he had gotten access.

#MossackFonseca privatehttps://t.co/aWiTdjfE88 pic.twitter.com/jCfd38UuPd

— 1×0123 (@1×0123) April 9, 2016

Turns out 1×0123’s claims were nothing more than hot air to scam bad guys. The hacker allegedly sold PornHub access to three people. Two people were sold shell access while one was sold injection script.

PornHub reached out to 1×0123 via XMPP, an instant messaging client, to try and resolve this issue. 1×0123 allegedly offered to help fix the vulnerability and give additional details for a fee of $5,000. It’s unknown if PornHub agreed to those terms and paid.

Here’s hoping PornHub didn’t end up paying, because after doing some digging, the site’s engineers started to see the holes in 1×0123’s claims. At first the company believed a test server to be compromised, then a non-production server, but neither were accessed. 1×0123 had provided the site with a copy of the shell he used to dump into the server. PornHub noticed that there was no way the file could have been uploaded due to file size restrictions with the avatars. Not only that, 1×0123’s file contained PHP code, but PornHub’s servers are not designed to execute PHP.

“Even if the server would accept this fake image file we don’t allow code to be executed as an image extension. He provided conflicting information and left the chat shortly after,” a PornHub spokesperson said.

PornHub released an official statement:

“The PornHub team investigated the claim from the hacker named 1×0123. Our investigation proved that while those screenshot might look realistic to people without knowledge of the underlying infrastructure, the attack as described by the hacker is not technically possible. This incident was merely a hoax and no PornHub systems were breached during those recent events. The safety and security of our users is PornHub top priority. We would like to remind everyone that PornHub has a public bug bounty program which can be used to responsibility report any legitimate vulnerabilities in exchange for bounty as high as $25,000.”

Well, that was a close one. Everyone can now sleep soundly knowing that the internet’s porn viewing habits are still a closely kept secret.

Imad Khan
Former Digital Trends Contributor
Imad has been a gamer all his life. He started blogging about games in college and quickly started moving up to various…
The best MasterClass courses for 2024
The MasterClass logo against a dark background.

Learning a new skill, art, or craft is a great way to expand your horizons, and even increase your value as a creator or within your career. There are a lot of online learning platforms out there to help you grow, but few are as universally recognized as MasterClass.

MasterClass is a streaming platform that offers online classes taught by some of the biggest names in their respective fields. With a subscription you’ll get access to the full library of MasterClass courses, which includes a huge variety of subjects such as food, writing, music, wellness, and home & lifestyle.

Read more
How to recall an email in Gmail on mobile and desktop
A person sitting at a desk, in front of a computer monitor with their head in their hands.

Sometimes the moment you hit send in Gmail you want to recall the message. We all make mistakes. Luckily, Google gets it and, just as you can recall an Outlook message, you can unsend a Gmail. In the past, you had to manually enable it, but now it’s on by default.

Here’s how to make the most of it.

Read more
The best websites to download audiobooks for free in 2024
best websites for free audiobooks version 1428320425 shutterstock 236974753

Audiobooks are an incredibly convenient format for those who enjoy reading but struggle to make time for it in their everyday lives. They're portable. You can listen to them on the way to work, while you're exercising, or even when you're doing chores around the house.

And along with their ease of use, quite a few audiobooks can be accessed for free, if you know where to look. That's where we come in. In the guide below, we'll go over some of the best options around for downloading audiobooks for free. So you can get all of the convenience of listening to an audiobook without spending a dime. Audible isn't the only game in town, so let's take a look at some of your free options.
Open Culture

Read more