Quote:
Originally Posted by takethebluepill
No way...Crakrevenue's Sex Messenger the culprit?
|
The good part of the article it is: "porn sites are no more dangerous than mainstream ones." and "the top [adult] sites do dedicate a lot of resources to fighting fraud and malware."
No one talks of Crack... If you read this:
https://blog.malwarebytes.org/malver...p-adult-sites/
You see that the ransomware is really served by TrafficHaus:
https://twitter.com/traffichaus
https://www.traffichaus.com/index.php#services
Speaker Shout Out – Mark Bauman | WMA Amsterdam 2015
Q&A With TrafficHaus CEO Mark Bauman - XBIZ.com
The screnshot in article is the one of a ransomware (
https://en.wikipedia.org/wiki/Ransomware ) using paysafecard, often they use bitcoin too. But, in the article they mention SexMessenger, which is an installable download, but not a ramsomware itself for sure. Executable downloads that are not ransomware (unsure if malware, depends what you mean by it), are around since ages for example virtuagirl.com . These installs may do spammy stuff, I don't know, and they sell advertising space in turn to others, but they don't encrypt all your files asking a ransom to pay to get your pc back.
What I suppose it happened there, it is that TrafficHaus guys served the ransomware to explorer users who can be infected, and SexMessenger to others who can't be infected? If this is the case, there is no Crak media involved. But article mentions SexMessenger, so maybe this was crack->SexMessenger guys (which is not crak guys but their french partners) then TrafficHaus then ransomware?
Should Crak, Traffichaus etc. write here and explain what happened, the articles above are misleading at best.
PS: With Google I found this TrafficHaus answer in a forum back in April regarding a previous case:
--
An advertiser advertising within TrafficHaus advertising platform got access to a minute number of impressions, not users, it was a very targeted campaign which is why TrafficHaus and malwarebytes picked it up. The access was .001% of the total traffic served per day on Xhamster. This was a minor attack which we caught very early and it most likely did not affect any users.
The company responsible is a media buying company that purports their own system, called TrafficInside.Me (
http://trafficinside.me/) They claimed they were hacked, but we don't buy it. Luckily we caught it WELL before any damage could be done and so did Malwarebytes and removed it completely from the site before any damage was done. We've had 0 Reports from any users on XHamster being hit with the virus, and it would be hard pressed for you to find a single user out there with proof that they've ever been affected by Xhamster in this way, as we work diligently to keep the site clean.
They were doing very browser specific targeting. The systems we utilize currently are still unable to detect the Angler exploit, 2 anti virus scanning systems as well as all the top antivirus programs using VMware. This advertiser was activated Friday January 24th and taken down saturday January 25th. The ads in question received a total of 100k impressions, so the exposure was very very minimal, not even a tenth of a tenth of a tenth of the audience population as the advertiser was still on restricted access through our normal protocols to combat malware.
We are seeking stronger systems in detecting the Angler exploit kit in a more proactive fashion, we reached out to malwarebytes in the past without any support to help combat, so we renew our request to combat this rather than talking about this.
It was able to to get around our repeated scans, although the advertiser did provide all the necessary documents and went through our normal protocols.
As you may be aware the top antivirus and detection systems do not catch this exploit, so it is very manual on our part as well as malwarebytes.
We believe that through cooperation and teamwork to prevent these intrusions, Xhamster, TrafficHaus, and Malwarebytes can make the ecosystem of adult internet sites safer and more secure. We hope we hear from Malwarebytes soon as we've requested to work together for some time now. Perhaps your next release can be about how we combat this type of advertising daily, and about Malwarebytes joining that fight.
Hope you navigate your favorite adult channel safely.
--