Malvertising campaigns, in which malware is distributed through advertisements, have become a common norm nowadays. But, the latest malvertising campaign that’s been specifically targeting iOS users can easily be categorized as among the biggest of all such campaigns observed in the past eighteen months.
According to the findings of security vendor Confiant, large-scale malvertising attacks have been launched by the infamous threat group eGobbler that exploits a security bug in the Chrome browser to bypass its default pop-up blocker and infect iOS devices.
Reportedly, iOS users in the US and various European Union countries are the primary targets in this campaign, which has been active for a week. Apparently, millions of iOS users are currently at risk. Confiant identified this campaign immediately after it was launched on April 6. The company claims that so far over 500 million infected ads have been distributed.
The campaign involves trapping the iOS user with a lucrative offer that states the user has won a gift card. The landing pages used in the scam are hosted on a high-profile domain that is already known to be associated with eGobbler.
It is also observed that eGobbler has launched eight individual campaigns and more than “30 fake creative,” while every fake ad campaign lasts somewhere between 24 and 48 hours and afterward these go into hibernation and end abruptly when the next campaign starts.
Read Complete Article: https://www.hackread.com/hackers-exploite-unpatched-chrome-bug-iphone-users/