A Porn Website XTube Compromised and Delivering Malware

A Porn Website XTube Compromised and Delivering Malware

Security firm Malwarebytes said that popular adult site Xtube has been compromised to redirect visitors to sites hosting an exploit kit.

According to the researchers of security firm Malwarebytes Labs, ultimately visitors could be redirected to the Neutrino Exploit Kit which is exploiting a Flash vulnerability. The malware being delivered was detected as Trojan.MSIL.ED.

MailShark MalwareBytes Xtube Snapshot
Figure A – Click to Enlarge

SCMagazine.com published news on 26th March, 2015 quoting Jerome Segura, Senior Security Researcher of Malwarebytes, as saying “Contrary to an issue of malvertising which is an external problem, XTube admins need to look at their own server to identify the issue. This is a dynamic infection which injects a malicious iFrame ‘on-demand’ according to what we saw.”

Segura said that precisely the community side of the website or the user profiles portion is affected but he added that other parts of the site could also be impacted.

Segura said that they have seen side infection of server before that exhibit this type of behavior and they need a thorough review of the whole system and its logs.

He said that XTube has been made aware of the issue but site operators are not able to identify the problem.

It is interesting to note that the website (referring to XTube) is not vague as it ranks 780 in the US as per Alexa and falls on spot 1,158 in the world ranking of popular online locations.

According to a source, as on Thursday, 26th March, 2015, the adult location enjoyed daily visits from almost 140,000 unique IP addresses and recorded a total of 556,000 page review per day.

Malwarebytes highlighted that unfortunately as on date VirusTotal used only 12 of the 57 AV engines to identify the threat.

Porn websites are popular for cybercriminals because of heavy Web traffic as they attacked RedTube during second half of February 2015 and another popular adult website, xHamster, also suffered a major successful malvertising campaign during end of January 2015.

If Xtube acts as swiftly as RedTube acted, then this problem may exist for a short period but as per the advice of the security firm, visitors should avoid to visit the adult site or should use proper protection.

MailShark
Free anti-spam service
Free email filter service

Share This Post

Post Comment