A malicious advertising campaign has targeted top adult sites like Pornhub and YouPorn.
Several of the world’s most popular pornographic websites were struck by cyberattacks in the past week, according a blog post by the malware hunting software firm Malwarebytes.
Sites infected with malicious code included Pornhub and YouPorn, both owned by the Luxembourg-based adult website conglomerate MindGeek. These two sites rack up a combined 800 million visits each month, the post states, citing data from the London-based analytics company SimilarWeb.
This particular type of attack is known as a malicious advertising—or malvertising—campaign. It involves attackers pushing malicious ads through advertising networks, which then appear on websites that display those ads. The worst kinds can compromise users’ machines through “drive-by downloads,” while others can push fake webpages filled with scams, alerts, and pop-ups.
In this case, the attack targeted the third party ad network ExoClick. The attackers masked apparently innocuous code as banner ads.
“During the past several months, high profile malvertising attacks against top adult sites have been sparse,” writes Jérôme Segura, a security researcher at Malwarebytes, noting that a similar campaign targeted the adult site xHamster last week. “This makes what we have seen during the past couple of weeks very unusual but also impactful given the sheer volume of traffic these sites receive.”
Malvertising campaigns have also hit news sites such as Yahoo, MSN, and Forbes in recent weeks.
The news arrives as a debate over ad blocking technology ragesthanks to Apple’s iOS 9 software update, which makes it easy to install mobile ad blocking tech on its devices. Ad blockers can help prevent the infections caused by malvertising campaigns.
The Pornhub-YouPorn malvertising campaign has been stopped, MindGeek said in a statement provided to Malwarebytes.
We were alerted to the presence of a malicious advertisement appearing on a select few of Pornhub’s web properties. It was quickly determined that the malware originated from a third party advertising partner, and we responded immediately to disable all advertisements associated with this third party, and continue to actively investigate this incident.
…
It is important to note that our sites are not delivering malware and we will continue to actively monitor the situation to safeguard our users.
Source:https://fortune.com/
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.