“Porn xHamster reserved malware via malicious ad ‘

Apr

29

2015

The popular porn xHamster has for some time a rogue ad shown vulnerable visitors infected with malware. Whose computer was hit once, generated traffic to advertising to bring in revenue for the malware authors.

XHamster according to Alexa a popular porn site, with a rank of 68 in the list of most popular sites in the internet. According Malwarebytes, which discovered the vulnerability, the site was the victim of a malicious ad. Which was shown by ad provider TrafficHaus.

In a blog post explains Malwarebytes how ingenious went to work the malware creators. So they made in their script using Google shortener service to visitors via the advertisement refer to another website. On that site checked security software makers or potential victims Norton or Kaspersky turned. As soon as this was not the case, the attack was continued.

The malware then checked the visitor xHamster had a vulnerable version of Internet Explorer. Specifically, the program was looking for the presence of CVE-2014-4130, a vulnerability in the memory. If this could be answered in the affirmative, the injected script to the computer Bedep. Malware generates unnoticed traffic for ad campaigns.

Malwarebytes say they now have TrafficHaus informed of the malware. The ad provider would become the mala fide advertising have been removed. The security company emphasizes that anyone who does not want to risk running the latest software versions must be installed.

Porn sites serving malware regularly. Infections usually go through custom banners on ad networks. The consequences can be immense: such sites attract millions of visitors. In February it was RedTube the victim of a similar attack. When did attackers even customize the source code of the main page through a hidden iframe.

Viewing:-292

In: Technology & Gadgets Asked By: [17595 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »