Tuesday, March 9, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Malvertiser exploited two browser bugs to show over one billion malicious ads

September 30, 2019
in Internet Security
Malvertiser exploited two browser bugs to show over one billion malicious ads
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Massive malvertising campaign hits iOS users in the US
A malvertising campaign deployed via a high-profile ad platform targeted iOS users across the US. Crooks hijacked over 300 million web sessions. Read more: https://zd.net/2RgwfdR

Over the past six months, a criminal group specialized in showing malicious ads (malvertising) has used two obscure browser bugs to bypass browser security protections and successfully show intrusive popup ads and redirect users to malicious sites.

You might also like

Ezviz C3X outdoor security camera review: Simple setup, superb features Review

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

McAfee sells its enterprise business to private equity group as it focuses on consumer security

The group’s name is eGobbler and has been active since last Thanksgiving when security researchers spotted its first malvertising campaigns.

eGobbler typically operates in short bursts of activity that only last a few days. During these bursts, the group buys ads on legitimate services but injects malicious code inside the adverts so their exploits break out of the ad’s secure iframe container and perform malicious actions inside users’ browsers, untethered.

Commonly, these actions involve showing popup ads for various shady products, or redirecting the user to a malicious site hosting scams or malware-laced downloads.

Historically, the group has targeted mobile devices, where most users don’t employ ad blockers, and where browsers are not as hardened against exploits as their desktop counterparts, making their campaigns many times more effective.

According to previous reports, eGobbler operates on a massive scale. They were responsible for blasting out a whopping 800 million malicious ad impressions over the Presidents’ Day weekend alone.

Furthermore, the group also has the rare technical skills to find bugs in browsers’ source code. Not many malvertising operations can say this these days, in a landscape where exploit kits usage has been going down due to improvements in browsers security.

First browser bug

Nonetheless, eGobbler found and weaponized its first browser zero-day back in April. The zero-day only impacted Chrome for iOS, and allowed the eGobbler gang to break out of the security sandbox protections that protect advertising iframes, and show their malicious code to users.

They used the exploit to bombard users with popup ads and redirected them to malicious sites.

The bug (CVE-2019-5840) eventually received a patch in June, when Google released Chrome 75, with a fix. Nevertheless, eGobbler continued to use it, even after, targeting users who failed to update their Chrome installs.

Second browser bug

But in a report shared privately with ZDNet last week, Confiant, a cyber-security firm specialized in tracking malvertising campaigns, said the group found a second bug over the summer, right after Google devs patched the Chrome for iOS exploit. It’s like the group intentionally went looking for a new bug to exploit, and found it a few months later, in August.

This new bug impacts WebKit, the browser engine at the core of older Chrome versions, but also Apple’s Safari. Both browsers are impacted. This is because Chrome’s current engine, named Blink, was based on the older WebKit, and still shares some code.

Confiant said this second browser zero-day exploits the “onkeydown” event — a JavaScript function that executes on each keypress. eGobbler have been using it to bombard users with popups when users interact with a site by pressing a key.

For now, according to Confiant, only Apple has fixed this issue, with the release of iOS 13, last week. Google has yet to ship a fix, meaning that Chrome users are still vulnerable.

Expanding to desktop users

Since the “onkeydown” event at the center of this second bug also impacts dekstop browsers, and not just mobile ones, the second bug has also allowed the eGobbler group to expand operations. The group is now also targeting desktop-based browsers, which resulted in an explosion in the group’s activity.

Confiant said that between August 1 and September 23, they’ve seen the eGobbler group ship malvertising code with a “staggering” volume of ads, which they estimate to be up to 1.16 billion impressions.

The group is not targeting iOS users in the US anymore, but have since expanded to desktop browsers and European users, with Italians being hit the hardest.

egobbler-2019.png

Image: Confiant (supplied)
egobbler-2019-targets.png

Image: Confiant (supplied)

As it’s been said many times before — the best way to safeguard against malvertising campaigns, malicious ads, and tracking scripts, is to use a browser extension that can block ads, or install an antivirus product.

Credit: Zdnet

Previous Post

Pay What You Wish — 9 Hacking Certification Training Courses in 1 Bundle

Next Post

How Machines help People find Love

Related Posts

Ezviz C3X outdoor security camera review: Simple setup, superb features Review
Internet Security

Ezviz C3X outdoor security camera review: Simple setup, superb features Review

March 9, 2021
Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks
Internet Security

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

March 9, 2021
McAfee sells its enterprise business to private equity group as it focuses on consumer security
Internet Security

McAfee sells its enterprise business to private equity group as it focuses on consumer security

March 9, 2021
Everything you need to know about Microsoft Exchange Server hack
Internet Security

Everything you need to know about Microsoft Exchange Server hack

March 8, 2021
Bill establishing cyber abuse takedown scheme for adults enters Parliament
Internet Security

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

March 8, 2021
Next Post
How Machines help People find Love

How Machines help People find Love

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Ezviz C3X outdoor security camera review: Simple setup, superb features Review
Internet Security

Ezviz C3X outdoor security camera review: Simple setup, superb features Review

March 9, 2021
Operationalizing AI – Introduction to the ModelOps Pipeline
Data Science

Operationalizing AI – Introduction to the ModelOps Pipeline

March 9, 2021
SCA invests in Australian AI and machine learning company
Machine Learning

SCA invests in Australian AI and machine learning company

March 9, 2021
How Image Annotation Helps in AI Development for Agriculture Sector? | by ANOLYTICS
Neural Networks

How Image Annotation Helps in AI Development for Agriculture Sector? | by ANOLYTICS

March 9, 2021
Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks
Internet Security

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

March 9, 2021
Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks
Internet Privacy

Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks

March 9, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Ezviz C3X outdoor security camera review: Simple setup, superb features Review March 9, 2021
  • Operationalizing AI – Introduction to the ModelOps Pipeline March 9, 2021
  • SCA invests in Australian AI and machine learning company March 9, 2021
  • How Image Annotation Helps in AI Development for Agriculture Sector? | by ANOLYTICS March 9, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates