Over the last few weeks we’ve been seeing more and more Malware redirecting Mobile users to Porn sites.
The majority of redirects are done through modification of .htaccess files on the server.
Open source CMS (content management systems) like WordPress and Joomla uses the .htaccess file to redirect traffic through the CMS main index.php file so it can then send the user to the proper page.
The Malware appends or overwrites one or more of the systems .htaccess files, adding a check to see if the user is mobile, if they are then they are redirected to a domain that then directs them to the Porn site.
We have seen this where there is a script on the server that finds ALL .htaccess files and changes them.
Fixing these files is pretty simple, however, the script that was uploaded that actually creates these files needs to be found and removed.
Most CMS systems are vulnerable through Themes and Plugins.
The first thing you should do if your site is redirecting to porn from mobile is, scan your site with our Free Malware Scanner.