Security News Scareware/Malvertising Campaign Targets iPhones with Privacy-Busting VPN

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
A scareware campaign has been uncovered that pushes a ‘free’ VPN app called MyMobileSecure to iOS users via rogue ads on popular torrent sites. The VPN app itself appears to be real—but researchers say its privacy policies are dubious, at best.

The first interesting thing is the malvertising campaign that’s pushing the app. When using iPhone to visit certain sites, a pop-up page plays an ear-piercing beeping sound and claims the device is infected with viruses.

According to Malwarebytes Labs, the verbiage is almost hysterical: “We have detected that your Mobile Safari is (45.4%) DAMAGED by BROWSER TROJAN VIRUSES picked up while surfing recent corrupted sites.”

Clicking the pop-up takes a person to a fake website advertising the MyMobileSecure VPN, which, it says, will remove “infected applications and files”. Tapping on ‘Remove Virus’ button opens up the App Store to download the app.

“Such alerts on mobile devices are not new and sadly commonplace via may ad networks these days,” said Malwarebytes researcher Jérôme Segura, in a blog. “Usually, aggressive affiliates remunerated per lead will use these kinds of tactics to drive traffic to game apps or even tech support scams.”

From there it gets dicier. In order to activate the free VPN app, users must join the MobileXpression research community. Doing so is the legal equivalent of “opting in” to the company’s privacy policy, which notes that it will be collecting all kinds of information about the user.

Full Article. Scareware/Malvertising Campaign Targets iPhones
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top