Websites hacked to host child porn, claims Internet Watch Foundation

Foundation claims hacked websites are storing illegal images, and being linked via legitimate adult content websites

Legitimate websites are being hacked for the purpose for storing illegal images of child sex abuse, according to the Internet Watch Foundation (IWF).

The folder containing criminal images isn't accessible directly from the hacked website, but as redirects from third party websites.

Unusually, the IWF suggests that these are from legitimate pornography websites, rather than hidden and illegal websites specialising in images of child sex abuse - such illicit websites normally try to stay hidden and to keep their material within the circle only of "trusted" users.

According to the IWF, an internet user would be surfing a legal adult content. Upon clicking for an image or video on that site they would unknowingly be redirected to a folder containing the child sexual abuse images on the hacked website. Administrators of both sites would be unaware of the diversion from one site to the other and of the illegal images.

"We hadn't seen significant numbers of hacked websites for around two years, and then suddenly in June we started seeing this happening more and more," said IWF technical researcher Sarah Smith.

She continued: "It shows how someone, not looking for child sexual abuse images, can stumble across it. The original adult content the internet user is viewing is far removed from anything related to young people or children.

"We've received reports from people distressed about what they've seen. Our reporters have been extremely diligent in explaining exactly what happened, enabling our analysts to re-trace their steps and take action against the child sexual abuse images.

According to the strict letter of UK law, the hosts of the hacked websites ought to be prosecuted and put on the Sex Offenders' Register. However, the law is unclear about who is responsible and, therefore, who ought to be prosecuted in such instances.

Some online commentators, though, have expressed surprise that such material should turn up on the public internet, just weeks after the Prime Minister David Cameron demanded that internet service providers do more to eradicate child pornography and implement a default-on content filtering system to shield people from legal pornography.

Such a content filtering system would monitor all web traffic in the UK, regardless of whether someone was opted in or out of the system - precisely the kind of system called for under the criticised Communications Data Bill, which the coalition government is endeavouring to implement for a third time.

According to some reports, though, the material also contains a malware payload, indicating a possible "ransomware" scam, in which people are threatened with being reported to police if they do not pay-up. The IWF has not indicated from where the material may have been uploaded and who - or what organisations - may have been involved