Mims's Bits

How the Internet Porn Business Works

Researchers set up adult Web sites to study how the industry makes its money and spreads malware.

Christopher Mims 05/18/2010

  • 12 Comments

A first-of-its-kind analysis of the online porn industry reveals the economics, and the vulnerabilities, of the shady world of online adult media.

If you want to know how the online adult industry works, you must become a part of that industry. That's what five security researchers from The Technical University of Vienna, Eurecom and UC Santa Barbara did in an attempt to get a handle on how the adult industry makes money online. And they found that it's exposing everyone who consumes its wares to previously unsuspected levels of malware.

Peddling Porn in the Name of Science

By setting up their own adult websites, the researchers, who will present their paper on June 7, 2010 at The Ninth Workshop on the Economics of Information Security at Harvard University, discovered that 43% of the clicks that arrived at their own adult website belonged to users whose browsers were vulnerable to a known exploit in either Adobe Flash or handling of the Microsoft Office or Adobe PDF document types.

Lead researcher Gilbert Wondracek and his colleagues spent a total of $160 to acquire 47,000 clicks from sellers of adult traffic, known in the industry as traffic brokers, of which 20,000 could have been exploited to build a botnet, according to the researchers. The researchers discovered that they easily could have leveraged their investment for a hefty profit by serving as the vector for a Pay-Per Install affiliate program, which in one instance offered $130 per 1,000 installs to drop malicious code (malware, adware etc.) onto exploited machines.

To assess how much malicious code is being injected into users' browsers by adult websites, Wondracek et al. custom-built an automated web crawler to download the content of almost a half million URLs spread across thousands of adult websites. Incredibly, 3.23% of those pages "were found to trigger malicious behavior such as code execution, registry changes, or executable downloads," five times the prevalence of malware discovered by previous research on the subject.

In a back of the envelope calculation, multiplying 3.23% by the percentage of internet users who view porn (42.7%) or even just the percentage of men who view porn while at work (20%), by the frequency with which porn is accessed, suggests that internet porn is a major vector for infection of vulnerable machines.

The Peculiar Economics of Online Porn

A likely explanation for the high rates of malware on adult websites is the almost total lack of policing or enforcement by the brokers who move traffic between adult websites. According to Wondracek et al.'s analysis of the economy of online porn sites, 9 out of 10 are "free" sites that host image or video galleries and make money by directing traffic to pay sites or even to one another. This traffic is monetized through traffic brokers - the majority of which do not even visit the sites in their affiliate networks, according to experiments conducted by the researchers.

Unlike online ad placements by Google and affiliate marketing schemes by Amazon, adult sites do not rely on code that resides on the sites sending them traffic that could help verify that traffic is generated by humans and not click bots. As a result, the researchers found that it would potentially be quite easy to defraud not only users, but the traffic brokers and for-pay porn sites that enable the vast ecosystem of free adult media sites. (No users or brokers were actually harmed in the course of this research, which was vetted by the legal department of the Technical University of Vienna.)

The intricacies of the elaborate system of traffic arbitrage that have grown up around the world of porn traffic direction on the web are way beyond the scope of this blog post, but it's possible that the rest of the media world could learn a thing or two from the way that for-pay adult sites have created a seething ecosystem of traffic affiliates constantly skimming clicks and pennies off of one another.

On the other hand, it's just as likely that these techniques wouldn't work for traditional media, because users don't appear to be as motivated to read news as to find porn. How else can we explain the fact that in the course of the experiment, users clicked many times on single links that were randomly directing them to anything but the media they were apparently after - a practice widespread among free porn sites?

Print

Close Comments

To comment, please sign in or register

Forgot my password

kdubb

16 Comments

  • 635 Days Ago
  • 05/18/2010

Solution

Stop using Internet Explorer.

Reply

morgana

1 Comment

  • 635 Days Ago
  • 05/18/2010

Re: Solution

Read more closely. The article states "browser" not Internet Explorer. The article also points to three attack vectors: Adobe Flash, Adobe PDF and Microsoft Office. All cross platform software.

Reply

smithsomian

182 Comments

  • 631 Days Ago
  • 05/22/2010

Re: Solution

There are alternatives to all of these. All of which also happen to be open source.

Gnash > Flash
Sumatra > Acrobat
OO > MSOffice

Reply

gabrielg01

450 Comments

  • 635 Days Ago
  • 05/18/2010

Is this how it really works?

So, is there no "honest" porn business model? All of it relies on scams, and spam?

Reply

teleteria

1 Comment

  • 587 Days Ago
  • 07/05/2010

Re: Is this how it really works?

There are alternatives.
I created www.teleteria.net to give people a fair experience in owning their own adult sites. Visit the site or call me and I will be happy to explain the differnece. We do not engage in the business practices outlined in this article.

Reply

pornforpatric

1 Comment

  • 634 Days Ago
  • 05/19/2010

Did you do any research at all?

This article is definitely not about how the online porn business works.  At least, not the honest porn business that employs thousands of people in the US, pumping dollars into local economies nationwide.

Perhaps retitling the article "How spammers could use porn sites to distribute malware" would be a more appropriate title.

Reply

JamesCybert

1 Comment

  • 634 Days Ago
  • 05/19/2010

misleading title

I agree with previous comments that the title of the article is misleading. It does seem to focus on spamming and scamming in the adult space and not how Internet porn business works.

I've been making an honest living selling adult content for the past 10 years and I've built up one of the largest sites on the planet. All legally.

Reply

Advertisement

ChitChatter

1 Comment

  • 471 Days Ago
  • 10/29/2010

Re: misleading title

Thank's for the link to an 'honest' porn site. I, as a web developer, have had several customers ask for a site of this nature. I haven't spent much time researching, until this evening, due to the myths heard/read about the nature of adult sites.  However, I do want the income generated by this genre. I will be contacting you soon so that I may offer this type of site as a service.  Since it's legal, why not?  I don't think it's immoral due to the fact that it is a part of life or the process of which we all arrive to have a 'life' :) 

The link you provided:  www.teleteria.net

Reply

malcarada

4 Comments

  • 634 Days Ago
  • 05/19/2010

You have no clue

That is not how online porn works, that is how the spammers and malware business works.

You have no clue at all about the online porn business and it is shameful MIT is allowing this smear article on a honest business such as online porn.

You bought traffic online and they served it to you through malware that is about as much as you can say, why are you linking it to porn?

Hell, go out buy traffic for your car sellling website and then come out saying "car business websites work with malware"

Reply

fiskeboller

1 Comment

  • 634 Days Ago
  • 05/19/2010

re: Clue

Hey guys, did you read the paper? "Our analysis shows that there is a broad array of economic roles that web sites in this industry can assume."

So is the issue with the article, title, or findings? If the issue is with the findings, is it with the methods, analysis, or conclusions?

I, for one, find it interesting that the researchers found and documented what appears to be widely applied techniques, and how this impacts the broad context of internet security.

This may or may not apply to how you personally do business.


Reply

mattgroom

290 Comments

  • 633 Days Ago
  • 05/20/2010

I agree

Its wrong to say "just" the porn industry uses malware.... But they didnt say that..i dont think.

They mentioned 3% of porn pages host malware, which of course means that 97% of the porn pages are free of malware or indeed are legitimate and above board which is a fair enough interpretation.

Is the 3% a figure you quoted without reference? Could you furnish figures for others?

I fully expect insurance companies to have a 100% figure, because thats my impression of how they work.Same goes for lawyers and car salesmen.


Im laughing already, could you furnish us with appropriate figures for these others, pretty Please....


Reply

ameliag

1 Comment

  • 629 Days Ago
  • 05/24/2010

47,000 clicks is not a representative sampling

I feel qualified to respond to this because I both have an academic background in social science and I run Blue Blood's SpookyCash affiliate program, which is one of the most successful niche affiliate programs on the net.

First of all, 47,000 clicks is a very small number when you are talking about adult traffic. However, if you bought all of that within a very short time frame from one off-brand traffic broker, then you are also likely to have received repeat clicks from the same sources, making the sample even less representative. Any % of that small a sample is probably indicative of nothing.

Secondly, any study which does not compare its sample to similar samples in other demographics is unable to make any accurate statement about the demographic it is studying. Do some people who surf porn sites, especially free porn sites, sometimes have malware on their machines? Yes. Does this mean that the only place to get malware is an adult site? No. But that is the inaccurate implication here.

Thirdly, while injecting sex into any topic may get it more attention, suggesting that the explicit factor of what one is viewing has anything to do with how vulnerable one's computer is . . . let's just call that egregiously misleading. I mean, yeah, if someone exclusively surfs Eastern European free sites servicing specialized sexual needs content no credit card company would process for, then I imagine you will get malware, because how else are those sorts of sites going to monetize their visitors? But normal legal adult content, particularly paid content on membership sites, is simply not going to be a malware farm. Because the "Internet Porn Business" is about selling adult entertainment, not selling malware.

Lastly, Pay-Per-Install is extremely unpopular with most professionals who do affiliate promotion and that business model was mostly hounded out years ago with the demise of one large PPI program which stripped out affiliate codes. In addition, most professionals with real traffic volume are not going to send that traffic to some shady malware person, no matter what the promised payout, if only for the self-interest of not wanting to be owed payout from a company one already knows is, by definition, crooked.

Reply

Bio

Christopher Mims is a journalist who covers technology and science for just about everybody.

Subscribe to the Mims's Bits RSS Feed

Advertisement

Recent Posts From
Mims's Bits

Blog Topics

crowdfusion malware security super wifi wifi wireless wireless internet access work

Advertisement

Facebook

Advertisement