Skip to content
Log In
Request Trial

Malvertising campaign abuses Chrome for iOS bug to target iPhone users

By | Published

A massive malvertising campaign is exploiting a vulnerability in the Chrome for iOS mobile browser to redirect iPhone and iPad users to adware, scams, and other malicious sites, ZDNet has learned today from Confiant, a cyber-security firm specialized in tracking malvertising campaigns.

The company said it had reported the bug to Google, whose engineers are now investigating the issue.

The bug allows malicious code hidden in online ads to break out of sandboxed iframes (a technology often used to load ad slots) and redirect the user to another site, or show an intrusive popup on top of a legitimate site.

The bug only impacts Chrome for iOS, and no other Chrome version, Eliya Stein, Confiant Senior Security Engineer, told ZDNet today in an email.

Chrome for iOS isn't a Chromium-based browser but runs on WebKit, which is Safari's internal browser rendering engine. However, Stein told us that Safari is not impacted either, meaning this is an issue with Google's Chrome for iOS WebKit implementation only.

Read Complete Article:

Share this story

Subscribe to our newsletter to stay up to date on the latest trends and emerging threats.

Take Us For A Spin

Request a trial and see how it feels to have Confiant on your side.

Request Trial