RedTube porn website spreads malware, via iFrame invisible to the naked eye

OuchRedTube, one of the world's most popular websites for those eager to watch pornographic sex videos, has been compromised and found attempting to infect visiting computers via an Adobe Flash vulnerability.

Security firm MalwareBytes reports that online criminals have embedded a malicious iFrame on the RedTube website, that invisibly runs code from a third-party website.

Anyone visiting the RedTube website wouldn't have been able to spot the iFrame, as it's invisible to the naked eye. Only those who examined the source code of RedTube's main page might have noticed the reference to a JavaScript on a third-party website.

And let's face it - nobody goes to a website like RedTube to take a close look at the HTML source code.

Compromised RedTube HTML code

Researchers believe that the presence of the code is almost certainly proof that hackers gained access to the site:

"The existence of the iFrame in the main page source code is evidence enough to say that RedTube servers were likely hacked by malicious actors who had access to the main page source code, adding the malicious code and then setting it loose on RedTube users."

If you visited the site using a vulnerable computer, an exploit kit would attempt to take advantage of software vulnerabilities to install a Trojan horse onto your computer.

Once in place, the malware would almost certainly pester your regular browsing activity with pop-up adverts, and redirect you to other pages hosting exploits designed to further riddle your computer with malware.

As always, be sure to keep Adobe Flash - and other software - fully patched to reduce the chances of attackers successfully infecting your computer.

And remember, it's not just x-rated websites that could harbour a nasty infection - even something as seemingly innocent as a celebrity chef's website could also be harbouring malware.

More details of the RedTube infection can be found on the MalwareBytes blog.

Tags: , ,

Subscribe to the free GCHQ newsletter

, ,

Leave a reply

1 Comment on "RedTube porn website spreads malware, via iFrame invisible to the naked eye"

Notify of
avatar

Sort by:   newest | oldest | most voted
Chris Thomas
Visitor
Chris Thomas
June 30, 2015 8:09 pm

The wonderful Agnitum Outpost Firewall Pro and Outpost Security Suite Pro both have a feature called Web Control. With it the use can elect to allow, block or prompt for such web stuff as flash and hidden frames, among a number of other things. My practice is to completely block hidden frames which causes no ill effects. The only web site that needs it is eBay.

I have used this powerful tool on all my computers for many years, right from Outpost Firewall version 1. Some good stuff comes out of Russia.

wpDiscuz