19:55 GMT21 September 2020
Listen Live
    World
    Get short URL
    by
    160
    Subscribe

    Hackers initially targeted mid-range adult film portals, but recently hit a jackpot by placing ads on xHamster, one of the largest porn websites, with one billion visitors per month. The majority of victims were in the United States.

    A cybercriminal group has recently targeted "practically all" porn sites with malware, says security firm Malwarebytes. According to the company, a hacker group called Malsmoke placed malicious code into the ads that appeared on adult film websites. After clicking on the ads, the user was redirected to a website that hosted exploiting kit, which in its turn infected computer with malware using vulnerabilities in the browser. This malware stole personal information such as banking credentials, passwords, and also spied on users.

    Malwarebytes notes that people that were affected used Internet Explorer (IE) and Flash Player. The firm notes that most exploit kits are built around vulnerabilities in IE and Flash and called on users to switch to more secure browsers.

    "Despite recommendations from Microsoft and security professionals, we can only witness that there are still a number of users (consumer and enterprise) worldwide that have yet to migrate to a modern and fully supported browser," Malwarebytes said in a statement.

    The company explained that the recent malvertising campaign is an attempt by cybercriminals to squeeze "the last bit of juice from vulnerabilities" in Flash, which will be discontinued at the end of the year, and IE, which is gradually being phased out by Microsoft.

    Tags:
    cyber security, hackers, porn
    Community standardsDiscussion