{"id":321710,"date":"2019-10-01T09:00:14","date_gmt":"2019-10-01T07:00:14","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=321710"},"modified":"2019-10-01T09:01:40","modified_gmt":"2019-10-01T07:01:40","slug":"web-exploit-served-over-1-billion-malicious-ads-to-apple-users","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/321710-web-exploit-served-over-1-billion-malicious-ads-to-apple-users.html","title":{"rendered":"Web exploit served over 1 billion malicious ads to Apple users"},"content":{"rendered":"<p>Attackers from eGobbler have delivered over one billion malicious adverts over the past two months, according to security firm <a href=\"https:\/\/blog.confiant.com\/malvertiser-egobbler-exploits-chrome-webkit-bugs-infects-over-1-billion-ads-6b8ccc41b0e6\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Confiant<\/strong><\/a>.<\/p>\n<p>These ads were targeted primarily at macOS and iOS users, and leveraged zero-day vulnerabilities in versions of Chrome and Safari.<\/p>\n<p>&#8220;If we take a snapshot of eGobbler activity from Aug. 1\u2014 Sep. 
23, 2019 then we see a staggering volume of impacted programmatic impressions,&#8221; said Confiant.<\/p>\n<p>&#8220;By our estimates, we believe up to 1.16 billion impressions have been affected.&#8221;<\/p>\n<p>According to Confiant, eGobbler has used two major browser exploits over the past six months.<\/p>\n<p>The first, which it first reported on in April, impacts Chrome for iOS up until version 75, while the second &#8211; first uncovered on 7 August &#8211; was fixed in iOS 13\/Safari 13.0.1 on 19 September.<\/p>\n<h3 class=\"my-4\">How the exploits work<\/h3>\n<p>For the first exploit, Confiant <a href=\"https:\/\/blog.confiant.com\/massive-egobbler-malvertising-campaign-leverages-chrome-vulnerability-to-target-ios-users-a534b95a037f\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>said<\/strong><\/a> that eGobbler used traditional cloaking techniques and obfuscation to make its payloads look like real adverts.<\/p>\n<p>However, what was different about eGobbler&#8217;s exploit was how it leveraged pop-ups to spawn a new window or tab.<\/p>\n<p>This was surprising because modern browsers tend to have particularly strong pop-up blockers. 
Tests found that the built-in pop-up blocker of Chrome on iOS consistently failed to block these adverts.<\/p>\n<p>While the second exploit looked similar to the first, Confiant said that there was a key difference.<\/p>\n<p>&#8220;This time around, however, the iOS Chrome pop-up was not spawning as before, but we were in fact experiencing redirections on WebKit browsers upon the \u2018onkeydown\u2019 event.&#8221;<\/p>\n<p>Confiant said that both exploits have since been patched.<\/p>\n<h3 class=\"my-4\">Now read: <a href=\"https:\/\/mybroadband.co.za\/news\/security\/321638-tech-can-save-us-from-big-brother.html\" rel=\"bookmark\">Tech can save us from big brother<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>Attackers from eGobbler have delivered over a billion malicious adverts to Apple users over the past two months.<\/p>\n","protected":false},"author":341039,"featured_media":90023,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[605,1567,691,36626,985],"class_list":["post-321710","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-apple","tag-chrome","tag-ios","tag-macos","tag-safari"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/321710"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341039"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=321710"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/321710\/revisions"}],"predecessor-version":[{"id":321726,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/321710\/revisions\
/321726"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/90023"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=321710"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=321710"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=321710"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}