Security firm Malwarebytes has revealed that porn sites are being attacked by malware which makes its way through adverts.
Malwarebytes' Jerome Segura divulged via a blog post that the security firm had unearthed that the SSL malvertising campaigns prevalent on major sites such as MSN and Yahoo still continue.
For the unfamiliar, these malvertising campaigns directed users who clicked on the adverts to a fake page that had fraudulent assertions of criminal activities and asked the user to submit a fine.
Segura reveals that adult portals, like the popular site xHamster, were being targeted this time.
"The SSL malvertising campaign we documented in August that affected Yahoo.com, MSN.com and several other top sites is still ongoing. This time around it is striking on adult portals, including top domain xHamster.com which has close to half a billion monthly visits," notes Segura.
The attack on xHamster basically works by throwing up a malicious ad for a dating app dubbed Sex Messenger. It is designed in such a manner that it will affect users who browse using Internet Explorer.
The malware is quite advanced and is able to conduct checks to bypass security researchers, bots and honeypots. However, since the advert in this instance was appearing frequently, the security researchers were able to study them.
xHamster accounts for over a billion users and offers both free and paid porn videos to visitors. The adult site is said to be more popular than YouPorn, PornHub, RedTube and xVideos.
Malwarebytes also documented another attack on xHamster which was a ransomware one. This too was conducted through malvertising. This malware created a fake website which claims that it is from the NSA and Interpol and claims that the PC is making video and audio recordings.
TrafficHaus is the firm that was serving the adverts and was alerted of the issue by Malwarebytes. TrafficHaus has reportedly pulled down the ad for the Sex Messenger dating app.