malicious advertising hits iOS and macOS

Over one billion (1,160,000,000) of advertisements from malevolent nature shown to users in less than two months, more precisely from 1 August to 23 September, by leveraging a bugs identified in browser based on the WebKit engine, starting with Safari. This is what the researchers at Confiant have discovered, according to whom the problem has affected exclusively the platforms of the bitten apple, namely iOS and macOS.

eGobbler hits WebKit on iOS and macOS

The technique made it possible to circumvent the protections put in place by operating systems, forcing a weakness linked to JavaScript and showing advertising in the form of a pop-up or directing users to sites with potentially dangerous content following any interaction with the screen.

Those responsible were identified in the group eGobbler, already known to those who work in the cybersecurity territory for some campaigns of a similar nature implemented in the past. The exploit (CVE-2019-8771) was privately reported to ad Apple in the first days of August, with the Cupertino group that remedied you through the recent release of the updates to iOS 13 and Safari 13.0.1.

READ  Recorder listens and transcribes: the dictation in an app

The eGlobber group's malicious action particularly affects Italy

In April the group exploited the vulnerability CVE-2019-5840 identified in the iOS version of Chrome (resolved with the rollout of version 75) with very similar purposes. The last campaign hit Europe and in particular theItaly, as can be seen from the image attached above.

A curiosity: the name eGobbler is inspired by Gobbler, a name given in 2012 by a vote by American citizens to one of the turkeys pardoned by the US President before Thanksgiving.

Facebook Comments


My name is Michael, Iā€™m professional software developer and blogger, made this website to share my knowledge about everything what you see here šŸ™‚ haha hope you will like that, and do not forget to follow me on my twitter.

You may also like...