Malvertising Attacks Target PornHub, YouPorn

More porn sites have been targeted in malvertising attacks, according to researchers at Malwarebytes, which says it has noted an “unusual” increase in the frequency of such campaigns against purveyors of adult content.

Last week it emerged Xhamster, with its 500 million monthly visitors, had been targeted by attackers and now it appears as though PornHub and YouPorn’s combined 800 million users were also subjected to an assault.

Malvertising attacks do not compromise the sites themselves, but instead infiltrate advertising networks that serve up ads for popular online destinations.

Porn malvertising

Jerome Segura, senior researcher at Malwarebytes, says rogue advertisers abused the ExoClick ad network by inserting what appeared to be a legitimate piece of code as an ad banner. The attack first appeared on 19 September, but Segura said quick action from the sites’ owner MindGeek limited the threat.

“We were alerted to the presence of a malicious advertisement appearing on a select few of Pornhub’s web properties,” MindGeek said in a statement. “It was quickly determined that the malware originated from a third party advertising partner, and we responded immediately to disable all advertisements associated with this third party, and continue to actively investigate this incident.

“Pornhub takes the safety and security of its users very seriously. Providing an optimal and secure customer experience is of topmost priority for Pornhub, and our organization has taken the necessary steps to protect our customer’s enjoyment without the threat of infection.

“Our organization has implemented rigorous web security programs and processes and has partnered with the world’s leading security vendors, including RiskIQ, in an ongoing effort to fight malvertising. MindGeek proactively audits all third party advertisements displayed on our site on a continual basis.”

Malvertising growth

A number of Malvertising attacks have affected users of dating websites, social networks and even Forbes.com, leading many to question the safety of online advertising – especially those running Flash. Google Chrome now pauses Flash adverts by default, while Amazon has blocked assets powered by the much-maligned software. Some have even turned to controversial ad-blockers to protect themselves against such attacks.

Segura said attacks against adult sites are not usually this common and told TechWeekEurope last week he didn’t think porn sites were necessarily more dangerous to visit than others with regards to this type of attack.

“There’s this idea that adult sites are more dangerous to visit than “regular” sites,” he said. “I don’t believe it’s entirely true especially for the top sites because they do dedicate a lot of resources to fighting fraud and malware. Based on what we have seen in the past months as far as malvertising goes, we have seen just as many top mainstream publishers as pornographic ones.”

What do you know about Internet security? Find out with our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago