Amassive “malvertising” campaign is targeting iPhone users by exploiting a vulnerability in the Chrome for iOS browser.
“Malvertising,” short for malicious advertising, is essentially a technique in which a bad actor leverages legitimate web advertising to hide underlying code that can hijack a browser session and redirect users to a malicious page.
Worringly, security researchers at Confiant have come across a large-scale malvertising campaign that squarely targets iPhone users who use Google Chrome.
According to those researchers, a malicious entity known as eGobbler has infected legitimate advertising servers to deliver their malicious ads. Since the campaign started 10 days ago, eGobbler has successfully delivered ads to roughly 500 million iOS users.
The ads are just the vehicle for the malicious code, however. The malvertising campaign also exploits a vulnerability in Chrome to bypass its built-in pop-up blocker and sandboxing mechanisms.
The pop-ups that are able to make it through, can then hijack a user’s browsing section and redirect them to a malicious landing page.
Read Complete Article: https://www.idropnews.com/news/massive-malvertising-campaign-targets-chrome-users-on-iphone-ipad/102931/