Porn Sites Hit By Malware: User Privacy And Personal Devices Compromised
Malvertising is one of the most commonly besotted tools by criminals who use malicious advertising to steal personal information and compromise personal devices.
In a recent attack on hundreds of porn sites, online criminals have targeted these websites and left millions of personal visitors' devices infected with malware.
US-based security firm Malwarebytes detected popular websites such as xHamster, RedTube, PornHub and the likes to have been seriously attacked, which caused their data being compromised. These websites are moderately popular and attract several million visitors each day.
Other porn-sites recordely hit by malware were DrTuber, Nuvid, Eroprofile, IcePorn and Xbabe.
The advertisements were hosted and served by AdExpansion which is an adult ad network.
These adverts work on visitors' devices and users do not necessarily click on them to get infected with the malware, said International Business Times, UK.
"It isn't so much that pornography sites are targeted, so much as the adult advertising networks," Chris Boyd, an analyst at Malwarebytes, told IBTimes UK. "The end result of infected PCs is still the same, but as with most forms of malvertising, the websites themselves tend to have little control over which adverts are served to their visitors.
Similar attack was experience by Yahoo! last year when a campaign of malware appeared secretly hidden inside online ads.
The advertising was apparently for a service called Sex Messenger and also contained specialized tool that would identify whether the user was a human or bot.
After identifying personal information from users by using Microsoft's Internet Explorer, Malware exploits device's security settings. It then redirected the user to a fraudulent page carrying user's data on a cloud-based platform, stated BBC UK.
Ad-network company AdExpansion has not reverted with their comments so far on the malware attack spread by its ad network, said Business Pundit. However, the advertisement has been removed from the network already.