Malvertising Attacks Hundreds of Porn Sites

IBTimes published news on 3rd December, 2015, quoting security experts recently as saying that criminals targeted many pornographic sites by using malicious advertising - usually known as malvertising - to infect devices of visitors with malware. The most recent attack comes after similar campaigns on many well known adult websites in the last few months.

Malwarebytes, a US-based security firm, discovered malicious adverts on somewhat popular porn sites that attract millions of visitors per day. The websites included Xbabe, Nuvid, Eroprofile, DrTuber and IcePorn. Adult ad network 'AdXpansion' hosted and served the malicious adverts, and does not need to be clicked on to possibly affect a visitor to a website.

IBTimes published news on 3rd December, 2015, quoting Chris Boyd, an Analyst of Malwarebytes, as saying "pornography sites are not targeted as much as the adult advertising networks. The final result of tainted computers is still matching, but like most types of malvertising, the websites themselves likely to have small control over which adverts are delivered to their visitors. Everyone is dependent on a chain of faith which is easily busted by corrupt Internauts willing to infect the stream with malicious advertisements. The challenge is to discover ways to reduce the risk to those who are exposed to bad ads".

This is the recent in a series of malvertising attacks using a rare, but common delivery method. It also shows that malvertising is picking up as a fast and prominent method of distributing malware. Truly, instead of depending on an exploit kit to compromise the machines of the victims, this technique simply depends on a disguised Flash advert to download its own exploit and payload.

XXX sites remain as one of the preferred target for criminals mainly because of the bigger boom of cash which such sites represent. In the month of September also, a huge malvertising attack struck portals of adult content, including top porn domain xHamster.com, which has nearly half a billion visitors per month.

At least since 21st November, 2015, this latest malvertising campaign is there. AdExpansion has been informed about the malicious attack.

» SPAMfighter News - 12/9/2015