Malvertising Attacks Target PornHub, YouPorn

More porn sites have been targeted in malvertising attacks, according to researchers at Malwarebytes, which says it has noted an “unusual” increase in the frequency of such campaigns against purveyors of adult content.

Last week it emerged Xhamster, with its 500 million monthly visitors, had been targeted by attackers and now it appears as though PornHub and YouPorn’s combined 800 million users were also subjected to an assault.

Malvertising attacks do not compromise the sites themselves, but instead infiltrate advertising networks that serve up ads for popular online destinations.

Porn malvertising

Jerome Segura, senior researcher at Malwarebytes, says rogue advertisers abused the ExoClick ad network by inserting what appeared to be a legitimate piece of code as an ad banner. The attack first appeared on 19 September, but Segura said quick action from the sites’ owner MindGeek limited the threat.

“We were alerted to the presence of a malicious advertisement appearing on a select few of Pornhub’s web properties,” MindGeek said in a statement. “It was quickly determined that the malware originated from a third party advertising partner, and we responded immediately to disable all advertisements associated with this third party, and continue to actively investigate this incident.

“Pornhub takes the safety and security of its users very seriously. Providing an optimal and secure customer experience is of topmost priority for Pornhub, and our organization has taken the necessary steps to protect our customer’s enjoyment without the threat of infection.

“Our organization has implemented rigorous web security programs and processes and has partnered with the world’s leading security vendors, including RiskIQ, in an ongoing effort to fight malvertising. MindGeek proactively audits all third party advertisements displayed on our site on a continual basis.”

Malvertising growth

A number of Malvertising attacks have affected users of dating websites, social networks and even Forbes.com, leading many to question the safety of online advertising – especially those running Flash. Google Chrome now pauses Flash adverts by default, while Amazon has blocked assets powered by the much-maligned software. Some have even turned to controversial ad-blockers to protect themselves against such attacks.

Segura said attacks against adult sites are not usually this common and told TechWeekEurope last week he didn’t think porn sites were necessarily more dangerous to visit than others with regards to this type of attack.

“There’s this idea that adult sites are more dangerous to visit than “regular” sites,” he said. “I don’t believe it’s entirely true especially for the top sites because they do dedicate a lot of resources to fighting fraud and malware. Based on what we have seen in the past months as far as malvertising goes, we have seen just as many top mainstream publishers as pornographic ones.”

What do you know about Internet security? Find out with our quiz!