New Flash Malvertising Attack Affects Major Porn Sites

watching porn laptop

Researchers detect a new Flash malvertising campaign targeting users of several “moderately” popular adult portals

Yet another malvertising attack is targeting some of the Internet’s most popular porn websites, according to security firm Malwarebytes.

The company has detected a number of such attacks over the past few months, affecting some of the most popular adult sites including PornHub, YouPorn and Xhamster, but says that although high profile incidents have quietened down, “dozens” of malicious campaigns have been detected.

The most notable of these has been one involving a compromised Flash advert served through AdXpansion, an adult advertising network. The exploit is loaded from a “seemingly innocent” XML file which loads the hidden exploit.

Malvertising attacks

malwareMalwarebytes says DrTuber.com, Nuvid.com, eroprofile.com, icepor.com, xbabe.com are among those affected. Although it deems these sites to be “moderately popular”, this still accounts for millions of visitors.

AdXpansion has been informed of the attack but Malwarebytes said it had not received a response at the time it published its blog post.

However, AdXpansion told TechWeekEurope it apologised for the attack conducted through the network and said it had taken “appropriate” steps to ensure the malicious activity was no longer an issue.

“Recently we experienced an issue with a single advertiser abusing flash in order to spread malware,” said a spokesperson. “We have since disabled all flash ads and are no longer accepting any flash ads through our network any more.”

Recent Malvertising attacks have affected users of dating websites, social networks and even Forbes.com, leading many to question the safety of online advertising – especially those running Flash. Google Chrome now pauses Flash adverts by default, while Amazon has blocked assets powered by the much-maligned software. Some have even turned to controversial ad-blockers to protect themselves against such attacks.

However speaking to TechWeekEurope earlier this year, Malwarebytes senior researcher Jerome Segura, said he did not think porn sites were more susceptible than other online destinations.

“There’s this idea that adult sites are more dangerous to visit than “regular” sites,” he said. “I don’t believe it’s entirely true especially for the top sites because they do dedicate a lot of resources to fighting fraud and malware. Based on what we have seen in the past months as far as malvertising goes, we have seen just as many top mainstream publishers as pornographic ones.”

 What do you know about Internet security? Find out with our quiz!