xHamster Malware campaign
A major malvertising campaign is affecting adult website xHamster which is putting its 500 million monthly visitors at risk of infection Malwarebytes

Visitors to adult website xHamster are at risk of having their computers infected with a piece of malware due to a large and serious malvertising campaign that takes advantage of the recently uncovered zero-day vulnerability in Adobe's Flash player.

In the past few days, security company Malwarebytes says it has noted a 1,500% increase in infections originating from the free pornography website, which boasts over 500 million hits every month and is the 37th most popular website in the UK according to Alexa.

The malicious campaign is using the fast-growing method of "malvertising" to spread the Bedep malware, which is used in ad-fraud campaigns and opens up victims' systems to further infection by subsequently downloaded pieces of malware.

In most cases of malvertising, the host website, and even the ad agency supplying the malicious adverts, are completely unaware of the problem.


This is far from the first time malvertising has been found on xHamster but Malwarebytes says "this particular campaign is extremely active" and "given that this adult site generates a lot of traffic, the number of infections is going to be huge".

The infection originates from ad agency Traffichaus and is launched though an iFrame that was not detected by 57 anti-virus products. Only two of the 57 anti-virus solutions were able to detect the Bedep malware being downloaded.

Malware hosted on adult websites has been a major issue for some time. In 2013, researcher Conrad Longmore claimed the two adult sites posing the most risk of malware infection for visitors were Pornhub and xHamster, with 53% and 42% chance of encountering malware respectively.

Pornhub claimed the figures were "grossly exaggerated" and xHamster said it had cleaned up its act, telling the BBC in April 2013: "We had an issue with malware in the past and we totally stopped working with that advertising agency because of that problem.

"Now our reliable partners are checking new advertisers very strictly, so it's almost impossible to put a new site with malware on xHamster. The problem is that even reliable advertisers sometimes can be hacked."

IBTimes UK has contacted xHamster for a comment but we have yet to receive a response.