RedTube porn website spreads malware, via iFrame invisible to the naked eye

Graham Cluley
Graham Cluley
@[email protected]

OuchRedTube, one of the world’s most popular websites for those eager to watch pornographic sex videos, has been compromised and found attempting to infect visiting computers via an Adobe Flash vulnerability.

Security firm MalwareBytes reports that online criminals have embedded a malicious iFrame on the RedTube website, that invisibly runs code from a third-party website.

Anyone visiting the RedTube website wouldn’t have been able to spot the iFrame, as it’s invisible to the naked eye. Only those who examined the source code of RedTube’s main page might have noticed the reference to a JavaScript on a third-party website.

And let’s face it – nobody goes to a website like RedTube to take a close look at the HTML source code.

Sign up to our free newsletter.
Security news, advice, and tips.

Compromised RedTube HTML code

Researchers believe that the presence of the code is almost certainly proof that hackers gained access to the site:

“The existence of the iFrame in the main page source code is evidence enough to say that RedTube servers were likely hacked by malicious actors who had access to the main page source code, adding the malicious code and then setting it loose on RedTube users.”

If you visited the site using a vulnerable computer, an exploit kit would attempt to take advantage of software vulnerabilities to install a Trojan horse onto your computer.

Once in place, the malware would almost certainly pester your regular browsing activity with pop-up adverts, and redirect you to other pages hosting exploits designed to further riddle your computer with malware.

As always, be sure to keep Adobe Flash – and other software – fully patched to reduce the chances of attackers successfully infecting your computer.

And remember, it’s not just x-rated websites that could harbour a nasty infection – even something as seemingly innocent as a celebrity chef’s website could also be harbouring malware.

More details of the RedTube infection can be found on the MalwareBytes blog.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “RedTube porn website spreads malware, via iFrame invisible to the naked eye”

  1. Chris Thomas

    The wonderful Agnitum Outpost Firewall Pro and Outpost Security Suite Pro both have a feature called Web Control. With it the use can elect to allow, block or prompt for such web stuff as flash and hidden frames, among a number of other things. My practice is to completely block hidden frames which causes no ill effects. The only web site that needs it is eBay.

    I have used this powerful tool on all my computers for many years, right from Outpost Firewall version 1. Some good stuff comes out of Russia.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.