Anti virus firm Malwarebytes says a campaign of malware hidden inside online advertisements which hit search engine Bing earlier this year has now also appeared on adult websites.
The advertising, apparently for a service called Porn Messenger, also contained tools for identifying whether the user was genuine rather than a bot.
It appeared on porn site theporndude, one of the world's most visited porn domains.
However the firm said sex sites are no more dangerous than mainstream ones.
The advertisement has now been removed.
The virus, which also made use of the security of cloud-based platforms to hide what it was doing, worked by directing the user to a fraudulent page once it had determined that they were running Microsoft's Internet Explorer and had identified the device's safety settings.
So-called "malvertising" often installs ransomware on to a user's machine. It loads a page containing false accusations of criminal activity and instructions for paying a big fine.
"These efforts ensure that only real users will get to see the exploit kit landing page therefore excluding honeypots and security researchers alike," wrote Malwarebytes security consultant Jack Segura in a blog post.
Although in this case the advertisement was popping up so often that researchers were able to study it finally.
Source: BBC
The advertising, apparently for a service called Porn Messenger, also contained tools for identifying whether the user was genuine rather than a bot.
It appeared on porn site theporndude, one of the world's most visited porn domains.
However the firm said sex sites are no more dangerous than mainstream ones.
The advertisement has now been removed.
The virus, which also made use of the security of cloud-based platforms to hide what it was doing, worked by directing the user to a fraudulent page once it had determined that they were running Microsoft's Internet Explorer and had identified the device's safety settings.
So-called "malvertising" often installs ransomware on to a user's machine. It loads a page containing false accusations of criminal activity and instructions for paying a big fine.
"These efforts ensure that only real users will get to see the exploit kit landing page therefore excluding honeypots and security researchers alike," wrote Malwarebytes security consultant Jack Segura in a blog post.
Although in this case the advertisement was popping up so often that researchers were able to study it finally.
Source: BBC
Comment