The number one porn site is offering a bug bounty to researchers who discover malvertising attacks.

PornHub has listed its bounty program on the HackerOne platform with restrictions on security scope. Hackers must report their findings within 24 hours not use automated tools in the process and must not interrupt the normal activities of the site.

The site administrators have cautioned that: "Security is a top priority at PornHub. If you believe you've found a security bug in the services listed in our scope, we will be happy to work with you to resolve the issue promptly and ensure you are fairly rewarded for your discovery."

The site, which has 60 million visitors per day, will pay between US$50 and up to $US25,000.

Malvertising has affected many porn sites with infected ads that lead to exploit kits like Angler and Magnitude which ultimately deliver ransomware.

Exclusion from the bounty program includes social engineering, denial of service attacks, and physical data center intrusions.

Source: The Register