This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

The bottom line: are adult sites the most secure, or the most targeted?

Share this article:
Malware hits the Mac but is it worth worrying about?
Malware hits the Mac but is it worth worrying about?

Recent hits on adult websites such as YouPorn and Digital Playground have shown that hacking of personal details has no chance of stopping and more sensitive sites are just as fallible.

The YouPorn breach saw the credentials of more than a million registered users openly accessible on the chat page, while Digital Playground was hacked with 40,000 plain-text credit-card numbers, names, CCV numbers and expiration dates stolen, along with the personal information of 72,000 users.

Despite these occurences, it has long been assumed that adult sites are among those to be the most suspicious, along with online gambling and social networking, due to the likelihood of malicious content. Well, the truth is that the genuine sites are likely to be as secure as the rest and best of the internet; I did try to talk to some leading adult websites but sadly got no response.

The problem is ‘sex' and ‘pornography' are among the most searched-for terms, and cyber criminals are quick to pounce on that, creating websites that promise to host all sorts of sought-out activities. Catch the ‘distracted' surfer and you can install malware, grab their personal details or even their credit-card details, depending on how keen they are to view the content.

Research by BitDefender found that 63 per cent of users attempting to find adult content on their computers compromised their security on multiple occasions. Of 2,017 surveyed (of which 78 per cent were men), more than 72 per cent admitted to having searched for and accessed adult content sites; of content downloaded, 91 per cent was videos that can be downloaded from different sources including torrents, websites and hubs.

Cyber criminals have also buried their way into legitimate websites and added indecent images to them, such as with the instance where the Sesame Street YouTube channel was intercepted.

Research by G Data from 2011 found that pornography sites are fooling UK web users; a survey of almost 16,000 web users in 11 countries found that 37 per cent assumed that porn sites were more likely than hobby/leisure websites to contain malware.

It said that in reality these recreational websites are, in many cases, easier to attack than professionally run pornography sites.  

Eddy Willems, security evangelist at G Data, said: “There is a natural assumption among internet users that pornography sites are more dangerous than other leisure sites. This is a myth. Amateur hobby/leisure sites are often not professionally run like many pornography sites, making them much easier prey for hackers.

“In the past, malware was written by developers who wanted to show off their technical skills, meaning it was visible to infected users. Now cyber criminals design, sell and make use of malware that enables them to take control of PCs' computing powers in such a way that users do not notice the infection. Internet users must correct their misconceptions in order to stay safe online.”

I spoke with writer Patchen Barss, author of The Erotic Engine, a book about the adult industry and technology. I asked him if he believed that adult websites were leading the way in security technology as they are invariably behind a paywall and it could be deemed that they have more to lose.

Barss said: “It makes sense that adult companies lead the way with technological security solutions – they were pioneers in selling content online, which meant they were the first to learn how to protect their product. There are many examples: Playboy was a pioneer in the simple but effective ‘digital watermark system', which allows online content providers to prove copyright infringement in a court of law.

“A company called Takedown Piracy claims to have removed more than three million copyright infringements on behalf of the adult industry. The bottom line is that adult companies continue to be some of the only ones making money selling content online, which means that, by necessity, they must also be leaders in technological solutions to protect their content.”

Talking to him about the G Data research, I asked Barss if he felt people were compromised because the ‘bad guys' knew where they were going, rather than this being an overall problem?

He said: “People can, of course, be hacked anywhere, but there's no doubt that the adult industry is marginalised from the mainstream, and that it naturally attracts more than its share of dirty dealers.

“It makes intuitive sense that, if you are going to try to attack someone's computer – whether it's for identity theft, sheer maliciousness or some other motivation – you would hit people when they are seeking or consuming adult content, if for no other reason than victims would be less likely to seek redress for fear of having to reveal publicly what they were doing on their computer when they were compromised.”

I don't doubt that the leading adult websites are as secure as the major shopping sites, or any other sites that require subscriptions, but as incidents have illustrated, nothing is safe.

As research has shown, the number of web application vulnerabilities are rising, and with adult websites relying on video content, it may not be that complicated to install an exploit.

Share this article:
close

Next Article in Security Cats Blog

Newsletters

More in Security Cats Blog

The information security implications of change

The information security implications of change

Microsoft has recently warned businesses that they should be well on the way to upgrading their legacy desktop environments.

The beginning of the authentication ice age

The beginning of the authentication ice age

This week I was invited to sign the new online Petition Against Passwords which I was delighted to do and I urge you all to do the same.

The chilling effects of the Volkswagen injunction on British research

The chilling effects of the Volkswagen injunction on ...

At this week's Black Hat conference in Las Vegas, Charlie Miller and Chris Valasek will present on on-board car computer insecurities to thousands.