silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,057
A massive malvertising campaign is exploiting a vulnerability in the Chrome for iOS mobile browser to redirect iPhone and iPad users to adware, scams, and other malicious sites, ZDNet has learned today from Confiant, a cyber-security firm specialized in tracking malvertising campaigns.
The company said it had reported the bug to Google, whose engineers are now investigating the issue.
The bug allows malicious code hidden in online ads to break out of sandboxed iframes (a technology often used to load ad slots) and redirect the user to another site, or show an intrusive popup on top of a legitimate site.
The bug only impacts Chrome for iOS, and no other Chrome version, Eliya Stein, Confiant Senior Security Engineer, told ZDNet today in an email.
Chrome for iOS isn't a Chromium-based browser but runs on WebKit, which is Safari's internal browser rendering engine. However, Stein told us that Safari is not impacted either, meaning this is an issue with Google's Chrome for iOS WebKit implementation only.
According to Stein, this particular malvertising campaign is the work of a known threat actor named eGobbler, first seen during the Thanksgiving holiday last year.
"We have seen eGobbler flare-ups around major holidays," Stein told ZDNet. Its last flare-up was in February during the Presidents' Day holiday weekend, when eGobbler hijacked as many as 800 million ads over a three-day period to redirect users to tech support scams and phishing sites.
In a report published today and shared with ZDNet, Stein said that eGobbler's latest wave of malicious ads --the ones that abused the Chrome for iOS bug-- had around 500 million impressions during which eGobbler attempted to redirect users from legitimate sites to malicious sites.