Despite their devilish tactics, you have to give it hackers—they sure are creative at coming up with new and unexpected way to infiltrate your privacy and infect your systems with malware. Everyone knows the best kinds of hacks involve reverse engineering of the human mind, where a certain behavior can open up a world of opportunity. But building an attack vector based the possibility of what people might do is also subject to a certain amount of guesswork, unless of course you are able to locate a decision a certain demographic of the population are sure to make, something they can’t live without—and internet pornography in the office fits that bill perfectly.
The news site Tech Crunch recently reported that a network owned by a satellite imaging facility called the EROS center was infected with a strain of malware connected to the “extensive history” of one U.S. government employee who had been viewing internet porn on his work computer for a long time. Lured in by adult content, the unnamed worker visited thousands of infected online porn pages, all of which contained an anonymous strain.
Although a spokesman from the U.S. Department of the Interior refused to identify the malware culprit by name, the agency did say it aided with “data exfiltration,” which happens when information from a victim’s network is unknowingly transferred onto an attacker’s computer. The inspector general also stated the agency often works with ransomware attacks—a well-designed attack for someone watching online porn at work, an act they would probably like to keep private. This degree of potential embarrassment—leading to office gossip, demotion, termination, or even arrest if the porn meets certain criteria—would provide just the right leverage for a cybercriminal looking to extract money from a victim. Pay up or face some serious consequences.
Security expert from Kaspersky Lab, Roman Unuchek, explains more, “A victim who has been compromised with an adult content-enabled malicious program might think twice before reporting the incident, simply because the very fact that they were trying to find porn content is viewed critically. So from the attacker’s perspective, such a person is a much more convenient victim.”
Unfortunately this porn-loving government employee not only enjoyed some salacious content while on the job—he also downloaded the malware-infested files onto an unauthorized USB device as well as his U.S. government-issued Android phone, essentially infecting other devices in the process and jeopardizing the larger security vector.
Investigators in the incident have recommended all government agencies take stricter action against this kind of threat by blacklisting certain websites with non-professional material and monitoring the browser history of their employees, especially those working in highly authorized environments or around sensitive information. Workers on such premises should also be strictly forbidden to bring in or use removable media like zip drives to download up upload anything on the job. This effort promotes better digital hygiene for all systems and ensures something like this, or much worse, does not happen again.
It’s worth noting this unfortunate employee was not the only one caught doing this or the only one lured in by malware in sexy underwear. Kaspersky Lab has said, “adult content serves as a tool for cybercriminals to lure victims into fraudulent schemes involving phishing, PC, and Android malware.” So apparently getting infected while viewing porn is now a thing. In a report earlier this year, Kaspersky also suggested 25.4% of mobile users who are attacked by malware—or approximately 1.2 million people—are lured in by malicious programs while viewing adult content.
Although experts are unclear about the overall infection rate on this type of attack, the malware itself varies in nature, from rooting malware to banking trojans to clickers to special advertising links set up to drain mobile creds via Wireless Application Protocols.
So, no more online porn… ever?
If you watch internet porn at work—cut it out. But if you enjoy a little online pornography in the privacy of your own home, on your time off, you can rest assured you are not alone—it is, hands down, one of the biggest traffic draws on the internet. In fact, Pornhub says online smut attracts 23 billion visits from around the world each year, an audience that collectively views nearly 92 billion videos.
Stephen Cobb, a senior researcher from ESET, a company who creates virus and threat detection software, claims it would take a single person 5,246 centuries to watch this much porn. And he would know because he has been studying the relationship between porn and the internet for over 30 years. Based on his expertise, Cobb claims porn sites do not necessarily host more malware than any other kind of website; however, users who visits these sites tend to exhibit riskier behavior and are drawn in with a click-click here and click-click there, often losing sight of just how far they have entered. And then of course, there is the issue of reporting, which is typically put off or avoided altogether in an effort to sidestep the inevitable humiliation.
So, if you are planning to visit your favorite online porn site in the future, make sure your device is fully loaded with anti-malware and anti-phishing software. It’s also worth using a Chromebook or some other cheap secondhand Windows 7 laptop so your personal information, such as email and financials, are not loaded onto it. That way, if you do get infected with a virtual STD, you won’t have to worry about it ruining your life.