New 'malvertising' campaign hits popular adult websites infecting millions

Porn sites like DrTuber, Nuvid, Eroprofile, IcePorn and Xbabe hit by massive malware attack affecting millions of visitors

Adult websites cater to millions of users and are always the best target for malicious software and adware. There have been various instances when such malware has hit sites like Xhamster, Redtube and Pornhub but now a new wave of malicious advertising that has hit popular adult websites over the past week could leave millions infected.

The new campaign containing malicious adverts was discovered by security firm Malwarebytes  which could infect millions of visitors to porn sites. According to Malwarebytes, the sites included DrTuber, Nuvid, Eroprofile, IcePorn and Xbabe and the adverts are hosted and served by the adult ad network AdXpansion. The alarming issue is that these ads need not be clicked on to infect the user visiting such sites.

According to an investigation by Internet security company Malwarebytes, the ‘malvertising’ campaign started during the week of November 21st.

The modus operandi is quite straightforward and facilitated by a compromised Flash advert directly hosted and served by AdXpansion, an adult ad network, which triggers a hidden Flash exploit loaded from a seemingly innocent XML file. This technique has been used before in other self-sufficient Flash ad/exploit attacks.

As a precaution, if you have visited any of the listed sites, you’ll want to run an anti-malware / spyware software to check for infections. Various types of malware were used during the campaign, including Ransomware.

Malwarebytes says that it has contacted the AdXpansion network to inform them of the malvertising campaign but it has not commented so far on the issue.