According to cybersecurity firm Confiant, 500 million iPhone users are at risk as hackers launch a large-scale ‘malvertising’ campaign that exploits a security bug in the Chrome browser.
Malvertising is the distribution of malware through advertisements, and this latest attack exploits the Chrome browser bug by bypassing its default pop-up blocker and infecting devices.
Malvertising works when the hackers buy ad space on legitimate websites and load it with infected ads. These attacks are particularly tricky because the sites themselves are not infected, and the ad providers don’t know they have become a vehicle for the malicious ads until it’s too late.
Confiant warned that these latest attacks were taking place primarily in the US and the EU, and that unsuspecting users were being enticed with lucrative offers, such as a claim that they had won a gift card.
The problem, Confiant believes, lies in the way Chrome’s latest version currently handles pop-up ads, in particular in Chrome’s sandboxing features. Confiant said that so far 500 million infected ads had already been distributed.
Like most other web browsers, Chrome uses sandboxing to limit the activities of adverts, especially those served from domains other than the page the browser is hosting. This helps stop browsers from being hijacked by pop-ups that could redirect you to infected pages. With Chrome, the security bug means it fails to prevent this from happening.
What’s more, Eliya Stein, a senior security engineer at Confiant, explained that since the bug was present in Chrome’s built-in pop-up blocker, all versions are currently vulnerable.
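The sandboxing the article describes is, in practice, applied by publishers who embed third-party ad creatives in cross-origin iframes with the HTML `sandbox` attribute. The following is an added example, not code from Confiant or from the article, showing how a publisher page can build that attribute from an allowlist so that a creative is never granted the pop-up or top-navigation capabilities a redirect-style campaign relies on. The sandbox token names are the real HTML attribute values; the function names, the ad URL and the sample token request are constructed for this example.

```javascript
// Added example: confining a third-party ad creative with the iframe `sandbox`
// attribute so it cannot open pop-ups or navigate the hosting page.
// Function names, the creative URL and the sample request are constructed
// for illustration; the token strings are the real HTML sandbox values.

// Capabilities a creative is allowed to ask for. Anything not in this set is
// dropped, so the ad payload can only tighten the sandbox, never widen it.
const ALLOWED_SANDBOX_TOKENS = new Set([
  "allow-scripts", // the creative may run JavaScript
  "allow-forms",   // the creative may submit forms (e.g. a survey ad)
]);

// Tokens that defeat the purpose of sandboxing an untrusted creative. They are
// listed explicitly so a reviewer can see what is being refused and why.
const FORBIDDEN_SANDBOX_TOKENS = new Set([
  "allow-popups",                            // window.open / target=_blank
  "allow-popups-to-escape-sandbox",          // pop-ups would inherit no restrictions
  "allow-top-navigation",                    // could redirect the hosting page
  "allow-top-navigation-by-user-activation", // same, gated only on a click
  "allow-same-origin",                       // with allow-scripts, the frame could remove its own sandbox
]);

// Returns the sandbox attribute value to emit plus the list of refused tokens,
// which a publisher can log to spot creatives probing for pop-up access.
function buildSandboxPolicy(requestedTokens) {
  const granted = [];
  const denied = [];
  for (const raw of requestedTokens) {
    const token = String(raw).trim().toLowerCase();
    if (!token) continue;
    if (FORBIDDEN_SANDBOX_TOKENS.has(token) || !ALLOWED_SANDBOX_TOKENS.has(token)) {
      if (!denied.includes(token)) denied.push(token);
    } else if (!granted.includes(token)) {
      granted.push(token);
    }
  }
  granted.sort();
  denied.sort();
  return { sandbox: granted.join(" "), denied };
}

// Minimal attribute escaping for the src value.
function escapeAttr(value) {
  return value
    .replace(/&/g, "&amp;")
    .replace(/"/g, "&quot;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// Builds the <iframe> markup for a creative. An empty sandbox attribute
// (sandbox="") is the most restrictive setting, so the attribute is always
// emitted even when no capability was granted.
function renderAdFrame(creativeUrl, requestedTokens) {
  const url = new URL(creativeUrl); // throws on malformed input
  if (url.protocol !== "https:") {
    throw new Error(`ad creative must be served over https, got ${url.protocol}`);
  }
  const { sandbox } = buildSandboxPolicy(requestedTokens);
  return `<iframe src="${escapeAttr(url.href)}" sandbox="${sandbox}" referrerpolicy="no-referrer"></iframe>`;
}

// Constructed sample: a creative asking for the capabilities a redirecting
// pop-up campaign would need, alongside the scripting it legitimately uses.
const sampleRequest = ["allow-scripts", "allow-popups", "allow-top-navigation", "allow-scripts"];

console.log(buildSandboxPolicy(sampleRequest));
console.log(renderAdFrame("https://ads.example/creative.html", sampleRequest));
```

The point of the allowlist is defence in depth: the browser's own pop-up blocker is the control the campaign bypassed, and a per-frame sandbox that never grants `allow-popups` or `allow-top-navigation` in the first place does not depend on that blocker working correctly.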
Confiant identified a threat group known as eGobbler as the hackers behind the campaign. They said that since 6th April eGobbler had launched eight different campaigns, each lasting between 24 and 48 hours before going into hibernation and ending when the next campaign began.
While Confiant informed Google by 11th April, the company is still waiting for Google to come up with a solution. The search engine giant promised that it would release a full analysis of the bug and of how the eGobbler exploit actually works.
Google will be keen to solve this sooner rather than later as it relies heavily on online ads as a key source of revenue. It simply cannot afford to have malvertising campaigns, especially one on this scale, undermining the confidence of users.