I started with a list of sites in the top 1000 sites globally according to data at Alexa.com (a few have dropped out of the top 1000 since I collated the data set) and also used the Alexa data to work out the average number of daily pageviews per user. The next step was to look at Google's data on the number of infected pages and the total number of pages on the site, noting the date of last infection. From that I could work out an "infection likelihood" which is the probability of an average visitor coming into contact with malware during the period the site was infected.
What was surprising was just how clean these sites are looking (well, from a malware perspective). Last time some of the biggest sites had hundreds of pages infected, and now they appear to have virtually none. I've highlighted everything about 1% in red but note that the "riskiest" site (largeporntube.com) has been clean for a couple of months.
The results of my analysis are as follows:
|
Rank
|
Domain
|
Pageviews / User
|
Total pages
|
Infected
|
Date
|
Infection rate
|
Infection
likelihood
|
|
38
|
xvideos.com
|
11.7
|
89427
|
0
|
0.00%
|
0.00%
|
|
|
51
|
xhamster.com
|
10
|
11356
|
1
|
2013-07-01
|
0.01%
|
0.09%
|
|
66
|
pornhub.com
|
5.6
|
6235
|
0
|
0.00%
|
0.00%
|
|
|
88
|
xnxx.com
|
9.5
|
26082
|
0
|
0.00%
|
0.00%
|
|
|
95
|
redtube.com
|
5
|
9189
|
0
|
0.00%
|
0.00%
|
|
|
99
|
youporn.com
|
5.6
|
1675
|
0
|
0.00%
|
0.00%
|
|
|
103
|
livejasmin.com
|
2.4
|
502
|
0
|
0.00%
|
0.00%
|
|
|
162
|
tube8.com
|
3.9
|
12697
|
0
|
0.00%
|
0.00%
|
|
|
169
|
youjizz.com
|
4.7
|
1385
|
0
|
0.00%
|
0.00%
|
|
|
227
|
hardsextube.com
|
3.3
|
71817
|
0
|
0.00%
|
0.00%
|
|
|
268
|
dmm.co.jp
|
9.2
|
1245
|
0
|
0.00%
|
0.00%
|
|
|
275
|
beeg.com
|
4.9
|
873
|
0
|
0.00%
|
0.00%
|
|
|
326
|
motherless.com
|
14.8
|
3196
|
4
|
2013-06-24 |
0.13%
|
1.84%
|
|
393
|
drtuber.com
|
2.8
|
1420
|
0
|
0.00%
|
0.00%
|
|
|
438
|
myfreecams.com
|
4
|
148
|
0
|
0.00%
|
0.00%
|
|
|
453
|
cam4.com
|
6.3
|
889
|
0
|
0.00%
|
0.00%
|
|
|
462
|
adultfriendfinder.com
|
7.8
|
241
|
0
|
0.00%
|
0.00%
|
|
|
464
|
bravotube.net
|
2.6
|
1098
|
0
|
0.00%
|
0.00%
|
|
|
502
|
ixxx.com
|
3.4
|
438
|
5
|
2013-09-05
|
1.14%
|
3.83%
|
|
528
|
chaturbate.com
|
14.7
|
2725
|
0
|
0.00%
|
0.00%
|
|
|
578
|
nuvid.com
|
2.8
|
884
|
0
|
0.00%
|
0.00%
|
|
|
588
|
spankwire.com
|
3.3
|
1182
|
0
|
0.00%
|
0.00%
|
|
|
591
|
porntube.com
|
2.9
|
734
|
0
|
0.00%
|
0.00%
|
|
|
595
|
pornerbros.com
|
1.9
|
946
|
1
|
0.11%
|
0.20%
|
|
|
607
|
largeporntube.com
|
3.2
|
5750
|
160
|
2013-07-20
|
2.78%
|
8.63%
|
|
676
|
yourlust.com
|
2.7
|
1224
|
0
|
0.00%
|
0.00%
|
|
|
697
|
4tube.com
|
4.3
|
1337
|
0
|
0.00%
|
0.00%
|
|
|
699
|
keezmovies.com
|
3
|
669
|
0
|
0.00%
|
0.00%
|
|
|
707
|
pornhublive.com
|
2.3
|
30
|
0
|
0.00%
|
0.00%
|
|
|
768
|
xhamstercams.com
|
1.8
|
5
|
0
|
0.00%
|
0.00%
|
|
|
780
|
h2porn.com
|
1.8
|
2193
|
1
|
0.05%
|
0.08%
|
|
|
800
|
4chan.org
|
26.7
|
218
|
0
|
0.00%
|
0.00%
|
|
|
804
|
video-one.com
|
13.7
|
1143
|
0
|
0.00%
|
0.00%
|
|
|
825
|
xtube.com
|
12.1
|
805
|
0
|
0.00%
|
0.00%
|
|
|
830
|
sunporno.com
|
2.7
|
360
|
0
|
0.00%
|
0.00%
|
|
|
848
|
porn.com
|
4
|
1281
|
0
|
0.00%
|
0.00%
|
|
|
864
|
perfectgirls.net
|
5.4
|
1958
|
5
|
2013-09-05
|
0.26%
|
1.37%
|
|
883
|
nudevista.com
|
8.7
|
2088
|
1
|
2013-08-03
|
0.05%
|
0.42%
|
|
931
|
redtubelive.com
|
2.8
|
33
|
0
|
0.00%
|
0.00%
|
|
|
942
|
alphaporno.com
|
1.9
|
10472
|
32
|
2013-07-21
|
0.31%
|
0.58%
|
|
1065
|
videosexarchive.com
|
3.8
|
5183
|
0
|
0.00%
|
0.00%
|
|
|
1238
|
hellporno.com
|
3
|
331
|
0
|
0.00%
|
0.00%
|
|
|
1382
|
watchmygf.com
|
1.3
|
11
|
0
|
0.00%
|
0.00%
|
|
|
1806
|
ah-me.com
|
2.7
|
235
|
0
|
0.00%
|
0.00%
|
So, what is going on? Have these sites cleaned up their act? Well, it certainly looks like there has been an improvement (despite the reported infection at xvideos.com above).
Over 46,000 people looked at my previous blog post on the topic, and it was covered by some major news outlets [1] [2] [3] [4] [5]. Reaction was varied, and many porn site operators flatly denied the problem despite the Google statistics indicating otherwise.
So perhaps shining a light on the problem helped to clean it up. Perhaps the spike in malware was a temporary glitch. Perhaps the malware operators are better at hiding what they are doing. I suspect that it is a combination of all three.
Despite the apparent cleanup of these sites, my advice is that you still need to exercise caution. It is very important to make sure that your system is fully patched (you can use Secunia OSI to check if you have a Windows PC), and a combination of Firefox + NoScript is very good at locking down your browser (note that this isn't really for novices). Logging in as something other than an administrator can also help to reduce the impact of malware, and of course a good and up-to-date anti-virus or security package is essential. In addition, Google's Chrome browser is pretty good at picking up malicious sites, and the most dangerous browser to use tends to be Internet Explorer. And if you have Sun's Java platform installed on your system I would strongly recommend that you remove it as that it currently the most popular way of getting your machine infected.
1 comment:
Which antivirus would you recommend these days? I browse a lot of porn sites like youporn, tube8, http://theporndude.com/, pornhub,...and I would like to remain virusfree.
My friends tell me that AVG or kaspersky are the best.
Can you give me your opinion?
Thank you.
Post a comment