Iphone security does not work? New malware has infected more than 500 million users
eGobbler has been exploiting a vulnerability in Chrome for iOS system with the purpose of attacking users of iPhone devices with an exploit that gives them malvertising ; It is estimated that around 500 million users worldwide have been infected.
Malvertising is an attack method in which hackers show users harmless-looking advertising; In reality, these ads contain code that redirects victims to websites with malicious content, say the specialists in computer forensics.
Reports on the attack campaign deployed by eGobbler have concluded that this threat actor has infected legitimate ad servers, which it has used to display ads that will display the malicious pop-up window.
The payload used by this group of hackers has two functions: generate money with the ads shown and the ability to redirect the user to fraudulent websites where they will try to extract their personal data or infect with malware. Experts in computer forensics believe that it is a well organized and powerful cybercriminal group to deploy its malicious load.
As for the vulnerability that is being exploited, the Chrome version for iOS works with sandbox technology , which prevents the advertising injection code from interacting with other components in a potentially risky manner.
However, somehow this group of hackers managed to dodge the iOS sandbox environment to deliver the malicious load directly to iPhone users. It is necessary that the security teams of the companies involved know the way in which this happens in order to launch the update patch for the vulnerability.
"It's a really unusual attack campaign; in theory, the iOS sandbox environment should be able to block redirection to malicious sites, however, it has not been able to stop these attacks, "experts from a cybersecurity firm mention.