Researchers at Malwarebytes detected another malvertising campaign targeting popular adult sites over the weekend, this time against PornHub and YouPorn.
The campaign pushes an Angler Exploit Kit – via the Exoclick ad network - that appears to deliver browlock, a browser-based ransomware, according to the post. The malicious code used to deliver the kit was first documented by Malware hunter Malekal in a Sept. 19 tweet.
#Browlock #Ransomware at @Exoclick network - target Mac. pic.twitter.com/vslhR6vPZo
— Malekal's site (@malekal_morte) September 19, 2015
The two adult sites and the ad network have since removed the malicious code.
Last Friday, adult site xHamster was targeted in a similar campaign that served malicious ads through TrafficHaus. This may have been the result of a breach, according to what appears to be a TrafficHaus comment made on security blogger Graham Cluley's site.
Researchers said they're not sure if the campaigns are related but the post noted the “timing is certainly strange."