Online Porn Users Take Huge Risks, Study Finds

Artwork: Diego Aguirre
Online porn is one of the most hostile environments on the Internet but malware distribution itself appears to be only a profitable sideline for the adult industry, a new study has suggested.

Some of the findings PDF made by the academic team at the International Secure System Lab in Austria correspond to what most people think they already know about online porn as a business.

Online porn is high profitable despite the fact that most content if given away free as part of a complex and layered traffic-trading system built on buying and selling visits.

Ninety-two percent of the sites detected as being porn sites by the researcher's web crawler offered free content and functioned as marketing and hit-generating systems for the 8 percent either selling or acting as processing systems for expensive adult content.

Interestingly, a large volume of free sites used a range of techniques to render users potentially vulnerable, including blind linking, Javascript 'catching', and website redirection.

The motivation for all this chicanery is mostly to exploit the user to generate extra and unintended traffic to benefit the site's owners, but the potential is obvious. Porn sites are ripe for malware exploitation even if that possibility is only taken up on occasion. Using a honeypot analysis, the team calculated that 3.2 percent of 260,000 sites looked at were distributing malware.

Speculatively, the reason could be to do with money. Malware distribution generates cash but it is not in the porn industry's interest to become over-dependant on a business that would see them quickly blacklisted by anti-malware engines.

The team also set up its own porn hub in order to analyse the deeper economic structures of the industry. With little apparent credential checking, researchers were able to buy the traffic of 49,000 unique visitors from third-party sites for an outlay of only $161, a demonstration of how easy it is for porn webmasters to find an audience.

Twenty thousand of these visitors had Office, PDF or Flash vulnerabilities that would have allowed them to be infected with malware, and 1,000 visitors showed evidence of having already been infected with a range of malware.

"We conclude that many participants of this industry have business models that are based on very questionable practices that could very well be abused for malicious activities and conducting cyber-crime," the authors say.

Subscribe to the Security Watch Newsletter

Comments