Menu
Visitors to top porn sites hit by malvertising attack

Visitors to top porn sites hit by malvertising attack

A malicious advertisement posted through an ad network tried contained a Flash Player exploit

In the latest attack involving malicious advertisements, hackers managed to launch Flash Player exploits against the visitors of several popular porn websites.

It's not clear how many users were impacted, but the affected websites have over 250 million monthly visits combined, according to researchers from Malwarebytes who spotted and analyzed the attack.

The malicious ads were posted through an advertising network called AdXpansion that was abused in similar incidents in the past.

The attackers managed to distribute through the network a Flash-based ad that attempted to exploit a vulnerability in Flash Player.

The flaw affects Flash Player through version 17.0.0.134, which was released within the last two months, the Malwarebytes researchers said in a blog post Thursday. Affected sites listed in the blog post include Drtuber.com, Nuvid.com, Hardsextube.com and Justporno.tv.

Unlike more subtle malvertising attacks, where rogue ads redirect the user's browser to a third-party server that hosts an exploit kit, in this attack the ad launched the exploit code directly.

This approach might be an attempt to evade detection by security tools that track exploit kit servers and traffic patterns.

"It is interesting to see the trend of exploit kits taking the appearance of advertisers by leveraging Flash for serving the 'creative' and exploit in one single package," the researchers said. "It is a minimalist type of approach which seems to work quite efficiently."

Malvertising attacks have been frequent occurrences in recent months and have affected a large number of ad networks, despite efforts from their owners to prevent them.

On Thursday, security researchers from Trend Micro reported a separate attack, where cybercriminals posted malicious ads through the compromised servers of an advertising company called Mad Ads Media.

Subscribe here for up-to-date channel news

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags online safetytrend microsecurityMalwarebytesAdXpansionExploits / vulnerabilitiesmalware

Featured

Slideshows

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

Revealed at a glitzy bash in Sydney at the Ivy Penthouse, the first StorageCraft Partner Awards locally saw the vendor honour its top-performing partners with ASI Solutions, SMBiT Pro, Webroot, ACA Pacific and Soft Solutions New Zealand taking home the top awards. Photos by Maria Stefina.

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards
Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

​Synnex and Lenovo hosted 18 resellers for an action-packed weekend adventure in RotoVegas, taking in white water rafting on the Kaituna River, as well as quad biking and dinner at Stratosfare​, overlooking Lake Rotorua at the top of Mount Ngongotaha​. Photos by Synnex.

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip
Show Comments