Top porn sites 'pose growing malware risk' to users By Dave Lee

Technology reporter, BBC News Published duration 12 April 2013

image caption Some advertisements were found to be installing harmful software on users' machines without consent

Browsing some of the internet's most popular pornography websites is increasingly putting visitors at risk, research has found.

Advertisements displayed by the sites, which are visited by millions every day, were found to be installing harmful files without users' knowledge.

Researcher Conrad Longmore found that two popular sites - xhamster and pornhub - posed the greatest risk.

Pornhub contested the findings, saying they "grossly exaggerate" the risk.

'Sudden spike'

Mr Longmore said it was primarily Windows users at risk, but that criminals were increasingly turning their attentions to mobile devices.

While none of the porn sites observed hosted any malware themselves, it was the embedded advertisements within their pages that created problems for users.

"We call these malicious advertisements 'malvertising'," explained Mr Longmore.

"The way the ads are bought and sold across all websites is incredibly complex.

"Ads can often be repackaged and resold so that it is hard to tell where they originated from, and the criminals behind them go to great lengths to disguise what they are doing."

The data showed that xhamster - listed by monitoring firm Alexa as the 46th most popular site on the internet - had malvertising on 1,067 out of 20,986 pages (5%) screened in the past 90 days.

According to Alexa's statistics, the average user of xhamster would look at 10.3 individual pages - meaning a potential 42% risk of stumbling across harmful adverts in each viewing session.

Another site, pornhub, was found to have dangerous advertising on 12.7% of the 14016 pages scanned in the 90 day period.

In a statement, pornhub owner Manwin said its figures suggest a tiny percentage, 0.003%, of the billions of ads it served during the 90-day period potentially carried malware.

"Isolated incidents of malware are immediately caught, and minute when considering the mammoth amount of traffic our site receives," said Manwin. It added that it analysed adverts before they went live and also while on the site to ensure they stayed free of malware.

Site study

Mr Longmore said: "There seems to have been a sudden spike in malware on popular sites, especially in the past week or so. "

He added that in a similar study 12 months ago, the web's most popular porn site, xvideos, was serving up malware via banner advertising.

However, in the more recent research, the site was not found to have any harmful adverts in the time sampled by Google's system - a sign the site had "cleaned up".

Mr Longmore believes a culture of users being afraid to "kick up a fuss" meant many instances of malvertising go unreported.

"Part of the problem is that porn is a taboo subject," he said.

"But the reality is that these are hugely popular sites with many of them in the top 100 most popular sites globally. Some of them pull in more traffic than the BBC, so this is potentially a very big issue.

"Site operators could put a quick reporting mechanism on their sites to flag up bad ads and other concerns, and ad networks should also take some responsibility here.

"I don't see that happening any time soon, and perhaps the best thing that users of these sites can do is ensure that their machines are up to date."