INSUBCONTINENT EXCLUSIVE:
By exploiting zero-day vulnerabilities in Chrome and Safari, cybercriminals were able to serve over 1bn malicious ads to users in less than
a two month period.The attackers targeted both iOS and macOS users by leveraging known zero-day vulnerabilities (which have since been
patched) to inject exploit code which redirected vulnerable users to malicious sites according to the security firm Confiant.The threat
actor eGobbler exploited a zero-day vulnerability in Webkit, the browser engine used in Safari and Blink, the Webkit fork used in Chrome, to
presses down a key on their keyboard
By exploiting the vulnerability, eGobbler was able to allow ads linked in HTML tags called iframes to break out of security sandbox
protections that prevent a user from being redirected without their knowledge.Researcher and engineer at Confiant, Eliya Stein explained how
With the inner frame automatically focused, the keydown event becomes a user activated navigation event, which renders the ad sandboxing
to both Google and Apple's security teams
The vulnerability was fixed in Chrome with the release of iOS 13 and a patch for Safari arrived shortly after with the release of Safari
13.0.1.eGobbler has launched similar campaigns in the past and earlier this year one of its campaigns served an estimated 500m malicious ads
by exploiting a similar vulnerability in the iOS version of Chrome
The threat actor's latest campaign was focused on luring European users to phishing pages based on their mobile provider.Via Ars Technica
