Researchers have spotted dozens of malvertising attacks targeting hundreds of moderately popular adult sites in a recent campaign.

The attacks targeted sites including,,, and, each of which receive millions of visits per month, and are being distributed through the adult ad network AdXpansion, according to a 2 December Malwarebytes blog post.

The campaign has been active since 21 November and uses a compromised Flash advertisement to trigger a hidden Flash exploit loaded from a seemingly innocent XML file that will attempt to load an exploit as soon as it is displayed on the page, no click required, according to the post.

Researchers observed an attack on attempting to targeted Flash exploit (CVE-2015-7645) using code in a XML file loaded from and the same attack attempting to distribute two different payloads at once onto another adult site.