Malwarebytes researchers say a malware campaign targeting adult sites has switched to social engineering. The Malsmoke campaign uses an old trick to distribute a variant of ZLoader, a banking trojan that made a comeback earlier this year after an absence of almost two years, now used as an info stealer. The campaign focuses on high-traffic adult portals, like xHamster and Bravo Porn Tube, with over 8 million visitors every month. The operators used an email address to register a new domain for the new campaign that was already associated with other domains used in previous operations.
Source: https://www.bleepingcomputer.com/news/security/adult-site-users-targeted-with-zloader-malware-via-fake-java-update/