Slashdot Mirror

← Back to Stories (view on slashdot.org)

Regular Domains Have More Malware Than Porn Sites

Posted by CmdrTaco on from the wouldn't-have-seen-that dept.

SnugglesTheBear writes "New research pours scorn on the comforting but erroneous belief that Windows surfers who avoid smut and wares on the Web are likely to avoid exposure to malware. A study by free anti-virus firm Avast found 99 infected legitimate domains for every infected adult website. In the UK, Avast found that more infected domains contained the word 'London' than the word 'sex.' Among the domains labeled as infected by Avast was the smartphones section of the Vodafone UK website. The mobile phone operator's site contained a malicious JavaScript redirect script that attempted to take advantage of an unpatched Windows Help and Support Centre flaw (CVE-2010-1885) to infect the machines of visiting surfers."

22 of 122 comments (clear)

  1. "London" is a heavily spammed term by Animats · · Score: 4, Informative

    "London", as a keyword, is a heavy spam target. I used to use "London Hotels" as a test case for SiteTruth's web spam detector. Google used to do badly on that search. (Since they started handling travel destinations as a special case, the first 10 Google results are now either paid ads or results from the business search engine.)

  2. makes sense... by gandhi_2 · · Score: 3, Insightful

    there's competition in the porn world... they want to make money.

    vodafone, like most carriers, will be making money no matter what.... thanks to monopolies, duopolies, market segmentation and such.
    this creates a lazy attitude towards security, among other things.

    is anyone surprised by this, really?

    --
    THL phish sticks
  3. "sex" is too vanilla to sell by zill · · Score: 4, Insightful

    In the UK, Avast found that more infected domains contained the word 'London' than the word 'sex.'

    Maybe it's due to my weird fetishes, but none of the porn sites I visit actually contain the word "sex".

    1. Re:"sex" is too vanilla to sell by Anonymous Coward · · Score: 4, Funny

      Most people don't consider TechCrunch to be a "porn" site.

    2. Re:"sex" is too vanilla to sell by Anonymous Coward · · Score: 5, Informative

      Lets check the current list of smut...

      bigtube.com
      deviantclip.com
      extremetube.com
      fantasti.cc
      hardsextube.com
      new.hardcoreporntube.com
      newsextube.org
      pornhub.com
      pornmix.com
      slutload.com
      spankwire.com
      stileproject.com
      tnaflix.com
      wankspider.com
      xhamster.com
      xvideos.com
      youporn.com

          11.76% contain sex. And none will make you contract viruses of the electronic nor STD varieties.

    3. Re:"sex" is too vanilla to sell by tsalmark · · Score: 4, Funny

      Porn sites have words?

    4. Re:"sex" is too vanilla to sell by barzok · · Score: 4, Funny

      I read them for the articles.

  4. What are the percentages? by meerling · · Score: 4, Insightful

    It's all fine and good to point out that for every porn site there are 99 non-porn sites that have malware.
    But what are the percentages of said catagories infected?
          What percentage of porn sites have malware?
          What percentage of non-porn sites have malware?
    If the percentages are high enough for a category, it is a good idea to avoid that category, even if it is a tiny percentage of total sites.

    1. Re:What are the percentages? by logjon · · Score: 3, Insightful

      Assuming that porn sites make up > 1% of all websites (a pretty safe assumption,) then the ratio of (infected regular sites/uninfected regular) sites is still higher than that of porn sites.

      --
      The stories and info posted here are artistic works of fiction and falsehood.
      Only fools would take it as fact.
    2. Re:What are the percentages? by wisnoskij · · Score: 4, Informative

      Over 37% of the internet is porn (http://idle.slashdot.org/story/10/06/16/1722258/Over-a-Third-of-the-Internet-Is-Pornographic)

      therefore porn sites have a far smaller probability for malware then non porn sites.

      --
      Troll is not a replacement for I disagree.
  5. That doesn't necessarily mean they're wrong by mooingyak · · Score: 4, Insightful

    Does that still hold true in terms of traffic? It doesn't matter how many sites have malware, it matters how often those sites are visited. One high volume site with malware does more damage than a thousand sites that no one visits.

    --
    William of Ockham had no beard. The most likely explanation is that it was chewed off by squirrels every morning.
  6. There's a reason for that by Monkeedude1212 · · Score: 5, Insightful

    People in the porn business are in it to make money. For the most part, they work together. Ever notice how they all link/ad/popup to more sites all within their clique?

    There's more money in repeat subscriptions than regular joe getting infected with Malware.

    1. Re:There's a reason for that by JWSmythe · · Score: 5, Interesting

          Actually, the reason you'd see the same or similar ads in a particular genre of porn would be that porn folks are usually pretty good at targeted marketing. For the successful ones, they watch their revenue streams very carefully. They learn (through trial and error mostly) which ad campaigns work, which ones don't, and the best placement on their pages.

          There are some shady dealings too, where folks running ad campaigns shave profits. If campaign A gives them 1:300 conversion rate, but campaign B gives them a 1:600 conversion rate, but all other things are the same (same type of content, same cost and membership length) you can look at the possibility that the company running the campaign is stealing from you.

          Popovers, popunders, jumping monkeys, or whatever aren't the biggest concern of the webmaster. If that ad method didn't make money, it wouldn't be used. It's not worth it for the webmaster to waste space and/or time with ads people don't click on, or worse, ads that don't pay.

          For most of them, it's far from their best interest, to have a malware infected site. If you go there, and your antivirus does kick off saying "This site is infected, run!", you're very likely not to go there again. You may tell your perv friends "Hey, don't go there, it has viruses." If it's a "clean" site (as in viruses, not smut level), you may be back every day, and tell your perv friends "hey, check this site out."

          Word of mouth doesn't seem like it would be that significant, but it is. I worked at one of the highest trafficked adult sites for many years. They got that big by word of mouth. SEO on the site was almost nonexistent, unless you are looking for their name only, which they usually abbreviated, making that useless too. It was in their best interest to keep it a safe place to go.

          I'd guess most of the malware stuff is either done by dirty webmasters who don't ever expect to have a repeat visitor, or (and more of) lost and lonely porn sites in virtual hosting environments, where the user permissions were all set wrong. Have 0666 / a+rw on your files is an open invitation for anyone else on that machine to cause you a lot of grief.

          A lot of times, people don't even know that the problem exists. I was helping someone out with a non-porn site. I pulled down a copy of the live site with wget. That was fine. I went to their location, and we downloaded the entire contents of their site, and there were two html files with javascript malware in them, that weren't linked from the live site. It appears someone else on the server had a script crawl through and add their malicious payload to any default.html that was world writeable. The script kiddies can't tell if the files are actually used, they just write to anything they can. Sometimes they'll stick it in any .html or .htm file that's world writeable, but that takes longer than just sticking it in any index.html or default.html that they can.

          Regular webmaster type folks usually only have a handful of sites. Porn webmasters usually have hundreds or thousands of them. It's all about how much exposure your content gets. If I have one site, the chances of someone tripping over my site are slim. If I have 10,000 sites, the chances get much better, which means my ads are seen and I can make more money. People rarely set up porn sites for their love of the topic. They do it to make money.

      --
      Serious? Seriousness is well above my pay grade.
  7. Re:The question is by commodore64_love · · Score: 4, Funny

    So however you look at it, you get fucked.

    --
    "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  8. Red Light District ... by DrJimbo · · Score: 4, Interesting

    I lived in a centrally located but rather crummy neighborhood of NYC back in the early '80s. Late at night cars would be backed up up several blocks waiting in a line so they could turn down my street and pick up a hooker.

    Funny thing is, the neighborhood seemed perfectly safe. I never had any trouble getting to or from my apartment at any hour of the day or night. I figured it was probably one of the safest areas of NYC because any crime would have been bad for business.

    --
    We don't see the world as it is, we see it as we are.
    -- Anais Nin
  9. Re:The question is by pseudorand · · Score: 4, Interesting

    > How many of those redirects lead to adult sites?

    Probably not many. After all, porn sites actually have a legitimate (or at least legal) internet business model with revenue. Why do they need to infect their customers with malware? The newspapers on the other hand are struggling to figure out how to get people to pay for their content.

    What's more, I imagine mostly lonely guys visit porn sites. And who are lonely guys? Geeks! (present company excluded, of course :). And geeks use Firefox, NoScript, etc., so they're hard to infect. If you want to build your fleet of rooted zombies, I'd imagine sites that a bunch of old people who are still using IE 5 on unpatched Windows 2000 is your best bet. And unless they've responded to a Viagra e-mail, I would guess grandma and grandpa aren't visiting porn sites.

  10. Re:Java Issue by bannable · · Score: 3, Insightful

    JavaScript is not Java, and both the Adobe vulnerability and any SQL injection vulnerabilities that exist are the result of poor programming, not JS.

    --
    "If you see a man on a horse, he is likely an enemy. Kill the man and eat the horse."
  11. Re:The question is by Anonymous Coward · · Score: 3, Insightful

    What's more, I imagine mostly lonely guys visit porn sites. And who are lonely guys? Geeks!

    Well, you'd be imagining wrong, because the correct answer to the question who visits porn sites is EVERYONE.

  12. Re:The question is by BenoitRen · · Score: 3, Informative

    Exactly. 99 regular sites infected to 1 porn site infected is rather telling if there are 1000 times more regular sites, which would mean that you have a ten-fold increase in risk on porn sites.

    Way to miss the point, which is that avoiding porn sites doesn't mean you won't get infected. This proves that there are many regular sites out there that are infected, ratio of anything be damned.

    As usual, this is a non-story that boils down to nothing more than a press release for Avast: "You're at risk! Buy our crap which will slow down your computer and probably won't detect much anyways!"

    Avast is free. It even says so in the summary.

  13. Am I the only one who isn't surprised? by asdf7890 · · Score: 3, Insightful

    Am I the only one who isn't surprised? I would expect porn sites to be less infected than regular sites.

    Admins and designers who work on such sites are more likely, than those that work in more "innocent" areas, to be exposed to the lower end of human behaviour through using spammers and ropey affiliate schemes to draw in traffic. If you are aware of what nefarious things you do (or could do) and more importantly what your competition do or could do then you are going to be more clued up on how careful you need to be with site security.

    Ignoring the lower end of human behaviour (there must be at least one or two porn sites out amongst the millions that don't spam/crack/what-ever to make an extra few $), to be successful financially a porn site need to be secure, otherwise people would just hack in and take the content for nothing. It is simply good business for them to be security concious, especially the smaller outfits/franchises that are run by a small team (where the designers/programmers/admins are more likely to be directly affected in the wage-slip if the site is hacked). Designers, programmers and admins working on a small and possible not very sensitive part or a much larger organisations output (like the vodafone example mentioned) may not be as directly aware of such issues. The "smartphones section" of their site, assuming this is a phone/contract sales area, is not likely to have cracking types trying to steal content. Now a site (or part there of) that is offering paid-for downloadable content I would expect to be "safer" than other areas for the same reason as a porn site: the content needs to be protected more than the content of a brochure page.

  14. Are you sure? by SmallFurryCreature · · Score: 3, Funny

    Are you truly prepared to traverse the deepest darkest corners of the internet? Where unspeakable things happen and are best left untouched? Where your very soul is at risk and your sanity might be stripped from you with one wrong click?

    Do you really got what it takes to fire up your browser and go to a mobile phone operator site?

    I think not.

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  15. Keep your PC secure... by TekJannsen · · Score: 3, Funny

    ...by avoiding non-porn sites altogether!