A malicious actor has been leveraging a Google Chrome browser exploit to deliver malvertisements to iOS users, including a campaign earlier this month during which 500 million user sessions were exposed to a session hijacking attack.

Dubbed eGobbler by researchers at Confiant, the threat actor from April 6-10 ran a massive operation consisting of eight individual campaigns and more than 30 fake creatives. Each mini-campaign lasted around two days and had its own unique targeting, although most affected publishers were based in the U.S.

In a company blog post, Confiant researcher Eliya Stein said the operation was among "the top three massive malvertising campaigns that we have seen in the last 18 months."

Read Complete Article: https://www.scmagazine.com/home/security-news/high-volume-egobbler-malvertising-campaign-exploits-zero-day-chrome-bug/