Security Experts Warn Against Fraudulent 'Java Update' Popup on Adult Sites

Security Experts Warn Against Fraudulent 'Java Update' Popup on Adult Sites

LOS ANGELES — Two months after warning of a surge in malvertising fraud targeting adult websites, internet security experts have determined that the bad actors behind it have switched tactics from “exploit kit delivery” to “social engineering” via a fake Java update screen.

As XBIZ reported back in September, the criminal modality of “malvertising,” where bad actors sneak malicious code into supposedly legitimate banner ads, made a comeback this year as people spend more time online — and on adult sites.

Security firm Malwarebytes explained the initial stage of this campaign — which they dubbed “Malsmoke” — as “ads [that] redirect visitors to sites that serve malicious code.”

“When viewed with Internet Explorer or Adobe Flash, the code can exploit critical vulnerabilities in unpatched versions of Internet Explorer,” Malwarebytes initially warned.

Today, Malwarebytes announced that “starting mid-October, the threat actors behind ‘Malsmoke’ appear to have phased out the exploit kit delivery chains in favor of a social engineering scheme instead. The new campaign is tricking visitors to adult websites with a fake Java update.”

This change is significant, according to the security firm, because “it drastically increases the target audience, no longer limiting it to Internet Explorer users running outdated software.”

One of the largest adult sites targeted by the malvertising hackers, according to Malwarebytes, is xHamster.

To read an elaborate explanation of this latest modality in online fraud, visit Malwarebytes.

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

FSC Publishes Analysis of Federal Trade Commission Event Promoting AV

Free Speech Coalition (FSC) has published an analysis of a Federal Trade Commission (FTC) event held this week that promoted age verification among other forms of speech regulation.

GirlsDoPorn Owner Michael Pratt Pleads Guilty to Sex Trafficking

Michael Pratt, former owner of the rogue website GirlsDoPorn, pleaded guilty in the U.S. District Court for the Southern District of California on Thursday to sex trafficking and conspiracy to commit sex trafficking charges, according to a report by City News Service.

Master Nico Relaunches Site Through YourPaysitePartner

Master Nico has relaunched his official website through YourPaysitePartner (YPP).

Federal Judge Grants Partial Halt of Florida AV Law

The United States District Court for the Northern District of Florida, Tallahassee Division, has granted a preliminary injunction against HB 3, the state's age verification law, as a lawsuit filed by two online trade associations challenging the law makes its way through the courts.

Aylo Releases Statement on Suspending Access to Pornhub in France

Technology and media company Aylo, which operates adult sites including Pornhub, YouPorn, and Redtube, has released a public statement regarding its decision to block access to its sites in France.

Pineapple Support to Host Wellness Sessions at Bucharest Summit

Pineapple Support is hosting free group and one-on-one therapy sessions at Bucharest Summit, June 3-5.

Pornhub Blocks Access in France in Response to SREN Law

Pornhub parent company Aylo has opted to block access to its sites in France rather than comply with age verification requirements under the country’s Security and Regulation of the Digital Space (SREN) law.

ASACP Highlights Study on Parental Controls

The Association of Sites Advocating Child Protection (ASACP) is highlighting the results of a study on the underutilization of parental controls.

Sydney Screams Launches New Site Through Grooby's Blue.xxx

Sydney Screams has launched her new membership site, SydneyScreams.xxx, through Grooby's website management company Blue.xxx.

Mistress Mystii Is LoyalFans' 'Featured Creator' for June

LoyalFans has named Mistress Mystii as its Featured Creator for June.

Show More