You land on a web page in mobile Safari and all of a sudden you're torn away and dumped into some game on the Apple Store.

We've gotten complaints about this — and experienced it ourselves — for what feels like a couple years. Something causes a web page, when opened, to immediately redirect you to the App Store, almost always to the listing for a popular game. Maybe the perpetrators are hoping you're so enticed by the game you download it even after being hijacked, so they'll get some revenue, direct or affiliate. But it deplorable and, even after a couple of years, it's unclear how and why it keeps happening.

Apple patched Safari iOS 8 in an effort to prevent just this kind of behavior from happening. It slowed things down for a while, but other methods of circumvention certainly seem to have been found. The original assumption was that it was caused by bad-actor ads inserting code to bust out of their frames and force a redirect to iTunes. Now it seems like it's more complicated than that, because it also seems to be happening on sites without any ads capable of doing that.

Jason Snell recently wrote about it on Six Colors as a follow up to Ben Mayo's post from 9to5Mac. Here's what Jason had to say:

If Mayo is seeing this behavior on Six Colors, though, we have to assume that something else is at work, such as:

  • Exploitation of a bug in Safari that puts the browser in a particular state even after it's left a page contaminated with that code
  • JavaScript firing in a different Safari tab/window, making Mayo misapply blame for the behavior
  • Interception and rewriting of page code by a carrier, ISP, or even a compromised wireless router

It could be all of the above, and more. It could be a complex attack with elements in ads, caches, browser exploits, compromised routers, bad ISPs or carriers, or bad certificates on devices.

Certainly it's the responsibility of ad brokers to make sure they never approve any ads containing any code that behaves this way, and of sites like iMore to make sure we ban anything that gets through. It's still a wild web out there in many ways, however, and some brokers and sites might be okay with this kind of behavior.

If it really can persist beyond the original point of contact, it might be worth checking to see if it's left anything behind. To see if you have any profiles installed on your iPhone or iPad you can't account for, go to Settings > General > Profiles (at the bottom). If you're experiencing the problem, you can also try wiping your Safari cache. That's in Settings > Safari.

We'll keep looking into it, and I'm sure others will as well, and update when we have more information.