Hundreds of porn sites affected in malvertising campaign

Researchers have spotted dozens of malvertising attacks targeting hundreds of moderately popular adult sites in a recent campaign.

The attacks targeted sites including drtuber.com, nuvid.com, eroprofile.com, iceporn.com and xbabe.com, each of which receive millions of visits per month, and are being distributed through the adult ad network AdXpansion, according to a 2 December Malwarebytes blog post.

The campaign has been active since 21 November and uses a compromised Flash advertisement to trigger a hidden Flash exploit loaded from a seemingly innocent XML file that will attempt to load an exploit as soon as it is displayed on the page, no click required, according to the post.

Researchers observed an attack on drtuber.com attempting to targeted Flash exploit (CVE-2015-7645) using code in a XML file loaded from malenkiyprince.website and the same attack attempting to distribute two different payloads at once onto another adult site.

close

Next Article in News Bytes

Sign up to our newsletters