Thousands of websites are showing porn instead of ads. Domain takeover fiasco

Over the past few hours, some of the world’s biggest news sites, such as The Washington Post, HuffPost and New York Magazine, have been showing pornography instead of normal content. Apparently, this incident was caused by the use of the vid.me domain, which incorporates streaming videos into its articles.

The vid.me domain has remained inactive for approximately four years and its ownership has been transferred to different actors repeatedly over the years.

The incident was reported by a user, who even posted a thread on Twitter with all the examples he found:

The affected websites surprised their readers by displaying adult content with no relevance to published articles. In some cases, users can still log into the affected websites and find this published content, which shows that the administrators of these platforms do not know exactly what they are dealing with.

Affected websites rely on streaming provider Vidme to include video content. This process relies on HTML iframes to display the videos hosted on the vid.me domain.

The problem is that Vidme has been inactive since 2017, when the platform shut down its operations. Their home page even displays a farewell message.

A later statement noted that the platform had been acquired by GIPHY, so the removal of all videos hosted on the website would be scheduled for mid-December 2017. This meant that iframes incorporating hosted videos would show nothing or display an error message.

According to whois results, domain ownership vid.me were updated sometime this month. The user who detected this incident believes that the domain eventually expired and was acquired by the company 5 Star Porn; this company redirects all vid.me links to its adult platform. In other words, all websites that included Vidme content via iframes now display pornography.

Some members of the cybersecurity community have tried to contact 5 Star Porn to confirm this hypothesis, although the company has not yet commented on it.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.