Skip to main content

RedTube malware security breach confirmed

Do you visit RedTube.com? Of course you don't. Nobody does!

Still, somewhere out there are 300 million visitors which go to that site every month, and as IBTimes reports (opens in new tab), some of them might have been exposed to malware targeting their personal information.

In a blog post (opens in new tab) by security company Malwarebytes, it stated that RedTube.com was a victim of a security breach, where the hackers placed an iFrame code in the source code of the main page.

The code redirected the visitors to a malicious website which then attempted to install malware on the victim’s computer.

Hackers managed to breach RedTube’s infrastructure, Malwarebytes said:

“The existence of the iFrame in the main page source code is evidence enough to say that RedTube servers were likely hacked by malicious actors who had access to the main page source code, adding the malicious code and then setting it loose on RedTube users”, it says in the blog post.

Once the victim gets redirected, the site uses the vulnerability in Adobe’s Flash to drop malware onto the person’s disc.

The malware the exploit kit drops is part of what is known as the Kazy Trojan family, which the security company says is known "for stealing personal information from users as well as installing browser helper objects that spread pop-up ads, some redirecting to additional exploit pages and therefore more malware infections,” IBTimes writes.

The site confirmed the breach on Sunday, 15 February.

According to website monitoring service Alexa, RedTube is the 128th most popular website on the internet.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.