A new bug is used to deliver malicious ads on iOS

A new bug is used to deliver malvertisements on 500+ million iOS devices.
Researchers are saying that this is one of the biggest malvertising campaigns in the last 18 months. Responsible for it is the eGobbler hacker team, that is exploiting a cybersecurity bug which is present in Google’s Chrome browser for iOS.

For those who don’t know eGobbler is the hacker team that has launched in the past a total of eight individual malvertising campaigns that have targeted iOS users in the US.

The hacker group has also managed to place over 30 malicious advertisements on legitimate but previously compromised ad servers and used cloaked intermediate CDN domains as part of their ad delivery. The CDN domains are used to host the payload that performs the actual redirect and/or the pop-up.

Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;

All targeted users are being redirected to a scam named: “You’ve won a gift card” which is hosted on a high profile web domain.
For the moment there is no fix for this bug but Google is currently working on a fix for it, also the company did not make any comment for the current situation.

The bug lays in the way Chrome for iOS handles pop-ups. Funny is the fact that even an ad protection method called sandboxing is responsible for the unwanted situation.

All browsers, including Chrome, incorporates ad sandboxing features to ensure that any code used to insert ads into a Web page only has limited ability to interact with other components. Its main purpose is to prevent malicious advertisements from hijacking browser sessions via pop-ups.
During the inspection of the malvertising campaign, it was found that the Chrome sandboxing exploit was developed by the eGobbler hacker team by leveraging Chrome’s built-in pop-up blocker. All versions of Chrome on iOS are affected because the eGobbler exploit allows the hacker to redirect a user with a pop-up.

As soon as Google find a fix for the problem, cybersecurity researchers will release a full analysis of the bug. For the moment it is not clear whether eGobbler is exploiting the same old Chrome bug used in the past, but chances are high to be true.

We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.