DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Porn Sites Hit By Malware: Malwarebytes

Posted on January 3, 2016 by Dissent

Payal Patak reports a malvertising attack on hundreds of porn sites  left millions of people’s devices infected, beginning in November. In this case, the ads were hosted and served by AdExpansion, an adult ad network:

US-based security firm Malwarebytes detected popular websites such as xHamster, RedTube, PornHub and the likes to have been seriously attacked, which caused their data being compromised. These websites are moderately popular and attract several million visitors each day.

Other porn-sites recordely hit by malware were DrTuber, Nuvid, Eroprofile, IcePorn and Xbabe.

Read more on Korea Portal.

Malwarebytes had reported the problem at the beginning of December. AdExpansion had confirmed it, noting that although they had disabled the ads within hours of notification, they had been unable to prevent the malvertiser from creating new accounts.

So malvertising on porn sites and ElSurveillance hacking escort services and porn sites. And Ashley Madison data getting dumped.

How safe do you feel engaging in online pursuits of these kinds?  By now, you should be prepared that any account you use may wind up compromised and that you may wind up exposed.

Related posts:

  • Leader of International Malvertising and Ransomware Schemes Extradited from Poland to Face Cybercrime Charges
Category: Malware

Post navigation

← Nigerian charged in email scam is in custody in Dallas
At least 2m personal data sets feared leaked in Japan: survey →

1 thought on “Porn Sites Hit By Malware: Malwarebytes”

  1. IA Eng says:
    January 4, 2016 at 12:22 pm

    HA! Wind up exposed. Good Pun. = )

    This sort of incident is not limited to these types of sites.
    I have seen in the past several well established websites sporting malvertising.
    It would be nice to see the types of sites typically hit with malvertising, and the percentage of each.

    Most malvertising requires only a person to click on an ad. The surfer is then sent down a trail of re-directs, eventually landing on a web server that attempts to run multiple scans for vulnerabilities – the typical ones – java, Flash, MS patches and the like. If its able to take over your box, it simply installs an exploit kit, RAT (remote access trojan) or pieces and parts of one. Since antivirus scanners use signatures to ID malware and viruses, the crooks can send small segments of files that will eventually morph into a file, disabling the Antivirus. Your machine will gladly say it has detected nothing while it is full of ugly files.

    Advertising space is best described as a grey matter area. I have seen many a funky way that advertisement space is bid/sold. I am sure it is very easy for a crook to grab some premium space, probably with a stolen credit card. If the advertisement space is bought and paid for over a busy weekend, the bad ad can be up close to 72 hours before it’s ripped down and the account closed. All they have to do is display a legimate ad until the company goes to sleep, and change the good ad to a bad one.

    As far as accounts on Adult related sites, I would imagine the emails are shared almost immediaately and openly with other companies, or sold on an email spam list campaign. I personally do not set up risky account of any type. I certainly would NOT use the same username and password combination that many do on a risky site. You can bet your bottom, errrrr dollar that the crooks will be trying that username/password combo on all social media sites as well as the favorite shopping sites (Amazon, NewEgg, Overstock, Target, Walmart, etc) in hopes they can buy some items with your credit card data on file. So, in any situation, always use unique passwords for each site. It could limit the damage significantly.

    Safe…I don’t feel safe on any of the regular sites – let alone if I should stumble upon an adult one. Each site has a level of risk, and with that, some portion of your PII will probably be used by others for their financial gain. In the current world of people clicking on next, next, next and not paying attention to details, its a world that can quickly take advantage of those that are willing to go places for fun and frolic.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.