New Reports: Porn’s Role In Cybersecurity Threats Exaggerated

Over the years, literally thousands of articles have been written about the cybersecurity threat posed by online porn. From criminals using porn as bait in phishing emails to bogus porn apps targeting Android devices which promise their users adult content but deliver ransomware instead, the media has been quick to note porn’s involvement when the opportunity arises.

While there’s no question porn sites, apps and ads have been the vector of many cybersecurity threats and exploits, what often gets lost in the media hype is the fact porn has been overtaken by other varieties of hook.

A report published this week by Spamhaus, for example, looks at “the world’s most abused TLDs” in terms of spamming and malware distribution. What you won’t find on the Spamhaus list of the ten most abused TLDs is any of the adult-specific TLDs, like .xxx, .porn or .adult.

Granted, to this day the bulk of porn sites are located on .com. This is likely the reason .com doesn’t make Spamhaus’ most abused list; the sheer number of sites on the .com TLD serves to greatly dilute the percentage of “bad” domains.

Even given this caveat, if porn sites were the incredibly common source of malware infections and spam-based exploits the media coverage would have us believe, you’d expect that fact to be reflected in the reporting from cybersecurity firms, if not in the Spamhaus report.

If you look at recent malware reporting though, porn sites and apps are conspicuous in their absence. In “threat evolution” statistics for Q1 of 2018 reported by Kaspersky Labs/Secure List, for example, there is one example of a ransomware Trojan primarily associated with porn — The Trojan ransomware “Trojan-Ransom.AndroidOS.Zebt.a” – which ranked 14^th on the list of top 20 malware threats, accounting for 1.4% of all detected threats. (By comparison, the #1 threat on the list, “DangerousObject.Multi.Generic” accounted for 70.17% of all detected threats.)

One of the major factors which has led to porn being less present in reports from security firms is the growth in other vectors for malware and other cybersecurity threats. In other words, it’s not so much that the porn space has become “cleaner” with respect to malware and spam, but other conduits for cyberthreats have grown in prominence.

Late last year, when Malwarebytes predicted what the top cyberthreats of 2018 would be, the company pegged the cryptojacking “gold rush” as the top pending threat for the year, in large part because of media focus on cryptocurrencies, their increasing value and the potentially lucrative practice of cryptojacking.

“Our Labs’ findings show no signs of a slowdown in 2018,” said Malwarebytes CEO Marcin Kleczynski. “Hacker tools and techniques are increasing in sophistication and accessibility. We are seeing a new army of cybercriminals coalesce, lured by inexpensive tools and the promise of an easy profit—often publicized and glorified in the media.”

What you won’t find in Malwarebytes’ predictions is any reference to porn, be in the context of sites, apps or email marketing.

Again, none of this to say there is zero association between porn and malware, phishing spam and other forms of exploit. But if there continues to be mainstream media focus on porn as a major factor in the greater cyber-threat landscape, it may be driven more by the desire to get people clicking on headlines than interest in accurately informing readers about the current state of cybersecurity threats.