Woburn, MA – February 21, 2019 – A new report from Kaspersky Lab has observed an increase in malware stealing login credentials for premium accounts on adult websites, with around 110,000 people facing this kind of attack in 2018. This is more than double the number of people that were targeted by this threat in 2017. Researchers also observed an increase in adult website credentials for sale on dark web markets, as well as a rise in the number of malware families launching porn-related attacks.
Credential-stealing malware is typically distributed through botnets formed of repurposed banking Trojans. As cybercriminals show an increased interest in adult content websites, they are using this same method to steal credentials for premium porn accounts. In these attacks, botnets intercept victims’ internet traffic and redirect them to fake webpages that mirror an authentic adult site they are attempting to visit. The botnets can then capture the user’s credentials as they type them in to the fake site. In addition to exposing victims’ personal information, these attacks can also lead to victims being locked out of their account, for which they could be paying a yearly subscription of up to $150.
Kaspersky Lab researchers found that this threat is not only targeting an increased number of users, but it is also growing in productivity. The number of malware attacks attempting to steal porn website credentials increased almost three-fold in just a year, rising from 307,868 attack attempts in 2017 to more than 850,000 in 2018.
Furthermore, researchers have seen a rise in the number of offers related to stolen porn credentials on dark web markets. In 2018, Kaspersky Lab experts found around 10,000 unique offers for premium access credentials to porn websites, approximately double the number of offers seen in 2017. The price, however, remained the same – around five to ten dollars for each account.
“Premium access credentials to porn websites might not seem like the most obvious thing to steal,” said Oleg Kupreev, security researcher at Kaspersky Lab. “However, the fact that the number of sales offers relating to such credentials on the dark web is rising, and the increased efforts to distribute such malware, shows that this is a profitable and popular line of illegal business. Users of adult content websites should keep in mind that such malware can remain unnoticed on a victim’s device for a long time, spying on their private actions and allowing others to do the same, without logging the user out so as not to arouse their suspicion. Even those who simply visit the site but don’t have a premium account could be in danger, as they might risk exposing their private data.”
Additionally, researchers found that the number of attacks coming from phishing pages pretending to be one of the major free porn websites increased significantly in 2018. Pornhub was the most commonly copied page, with Kaspersky Lab detecting 37,144 attempts to visit phishing versions of this website, compared to just 1,161 total attempts to visit phishing versions of Youporn, Xhamster, and Xvideos.
In a statement, Pornhub said: “Although the number of phishing may seem high, it's important to note that in relation to the amount of site visits (33.5 billion visits in 2018), the percentage of phishing attempts is very small (less than .0001%). This low percentage rate can be attributed to the fact that Pornhub actively monitors and removes phishing websites and offers two-factor authentication when logging into Pornhub accounts.”
Additional key findings from Kaspersky Lab’s report include:
To reduce the risk of being victimized by porn-related malware, Kaspersky Lab advises the following tips for consumers:
Read the full Kaspersky Lab report on threats facing users of adult websites on Securelist.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 21 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.