Countless Adult Websites Attacked by Large-scale Malvertising Campaign

Cyber criminals have turned their attention towards x-rated sites and are using their most favorite tool- malvertising.

Malvertising is short-term used for malicious advertising. The purpose of malvertising is to infect the devices of visitors with malware.

In the latest malvertising campaign, criminals have targeted numerous popular adult websites such as PornHub, xHamster, DrTuber, IcePorn, Xbabe, Eroprofile, Nuvid and RedTube.

These and other moderately popular porn sites attract millions of users daily, and hence, provided a great opportunity to infect a number of devices with malicious software.

The attacks were identified by the IT security firm Malwarebytes suggesting that the adult network Adxpansion was responsible for hosting and serving the adult adverts. These adverts didn’t need to be clicked for affecting the device.

The AdXpansion firm contacted Malwarebytes and explained that the infected ads were disabled within hours of first being reported, but cybercriminals have already created new accounts to infect adverts on these sites.

Screenshot shows Adxpansion ads are infected / Image Source: Malwarebytes
Screenshot shows Adxpansion ads are infected / Image Source: Malwarebytes

In the past, cyber criminals infected Yahoo ad network and served ransomware adverts on Yahoo.com and its sub-websites including news, finance, sports, celebrity and games. 

The video streaming site Dailymotion was also running a malvertising campaign in February 2015 through Adobe Flash 0-Day security flaw. However, cyber criminals have also found another way to infect users’ PC with malware and that is by exploiting video ads and embed them with malware.

Featured Image ViaBliss Tree
 

Agan Uzunovic

Agan Uzunovic is a Bosnian journalist who is working for the country's largest newspaper. He has a keen interest in reporting on activism and hacktivism. He is also a contributor at U.S based Revolution News media. Agan reports and writes for HackRead on IT security related topics.