Menu
Visitors to top porn sites hit by malvertising attack

Visitors to top porn sites hit by malvertising attack

A malicious advertisement posted through an ad network tried contained a Flash Player exploit

In the latest attack involving malicious advertisements, hackers managed to launch Flash Player exploits against the visitors of several popular porn websites.

It's not clear how many users were impacted, but the affected websites have over 250 million monthly visits combined, according to researchers from Malwarebytes who spotted and analyzed the attack.

The malicious ads were posted through an advertising network called AdXpansion that was abused in similar incidents in the past.

The attackers managed to distribute through the network a Flash-based ad that attempted to exploit a vulnerability in Flash Player.

The flaw affects Flash Player through version 17.0.0.134, which was released within the last two months, the Malwarebytes researchers said in a blog post Thursday. Affected sites listed in the blog post include Drtuber.com, Nuvid.com, Hardsextube.com and Justporno.tv.

Unlike more subtle malvertising attacks, where rogue ads redirect the user's browser to a third-party server that hosts an exploit kit, in this attack the ad launched the exploit code directly.

This approach might be an attempt to evade detection by security tools that track exploit kit servers and traffic patterns.

"It is interesting to see the trend of exploit kits taking the appearance of advertisers by leveraging Flash for serving the 'creative' and exploit in one single package," the researchers said. "It is a minimalist type of approach which seems to work quite efficiently."

Malvertising attacks have been frequent occurrences in recent months and have affected a large number of ad networks, despite efforts from their owners to prevent them.

On Thursday, security researchers from Trend Micro reported a separate attack, where cybercriminals posted malicious ads through the compromised servers of an advertising company called Mad Ads Media.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags online safetytrend microsecurityMalwarebytesAdXpansionExploits / vulnerabilitiesmalware

Featured

Slideshows

Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
​What are the top 10 tech trends for New Zealand in 2017?

​What are the top 10 tech trends for New Zealand in 2017?

Digital Transformation (DX) has been a critical topic for business over the last few years and IDC is now predicting a step change as DX reaches macroeconomic levels. By 2020 a DX economy will emerge and it will become the core of what New Zealand industries focus on. From the board level through to the C-Suite, Kiwi organisations must be prepared to think and act digital when the DX economy emerges in 2017.

​What are the top 10 tech trends for New Zealand in 2017?
Top 15 Kiwi tech storylines to follow in 2017

Top 15 Kiwi tech storylines to follow in 2017

​The New Year brings the usual new round of humdrum technology predictions, glaringly general, unashamedly safe and perpetually predictable. But while the industry no longer sees value in “cloud is now the norm” type projections, value can be found in following developments of the year previous, analysing behaviours and patterns to formulate a plan for the 12 months ahead. Consequently, here’s the top Kiwi tech storylines to follow in 2017...

Top 15 Kiwi tech storylines to follow in 2017
Show Comments