You Can Get Identity-Stealing Malware By Watching This Popular Porn Site

You Can Get Identity-Stealing Malware By Watching This Popular Porn Site

Usually when you here “sex” and “Trojan” in the same sentence, it means someone’s being safe. Not so much in the most recent jack-off site hijacking: People checking out RedTube, one of the most popular porn sites, are in danger of identity theft. Hackers have infected the site’s source code to redirect to malware used to steal personal information.

RedTube is like the Huffington Post of porno sites: Sprawling, popular and full of content aggregated from elsewhere on the internet. And like HuffPo, it’s now best to avoid it completely.

Visiting a porn hub usually results in sketchy-looking pop-up ads; it’s not unusual for porn sites to have malware problems. This one is notably bad because it’s the site itself that is infected, not its advertisements. This means simply going to the homepage will redirect you to a Trojan that can be used to steal personal information.

Malwarebytes says the particular family of Trojans used here are known for “stealing personal information from users as well as installing browser helper objects that spread pop-up ads, some redirecting to additional exploit pages and therefore more malware infections.”

I’ve asked RedTube what they’re doing to fix the source code, and will update when I hear that it’s cleared up the issue.

You may be able to avoid getting infected while visiting RedTube by installing anti-exploit blockers…but I’d stick to good old fashioned Tumblr porn until this gets fixed up. [Malwarebytes]

Screenshots: Malwarebytes


The Cheapest NBN 50 Plans

It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.

At Gizmodo, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.