What you need to know
- More than a billion popups were able to exploit bugs in Apple's WebKit and Blink, which powers Chrome.
- A bug spotted in August was very similar to one used in April by the same group.
- eGobbler is the group behind the malicious ads.
Reports today from TNW suggests that Malvertiser eGobbler was able to exploit "obscure" bugs in WebKit and Chrome to hit iOS and macOS users with over 1 billion malicious popups in less than two months.
According to TNW:
The research revealing this was carried out by Cybersecurity firm Confiant, who has been tracking eGobbler. Confiant raised awareness of an exploit in Chrome back in April of this year. Google fixed this in Chrome 75 on June 4. However, at the beginning of August Confiant claims that another eGobbler payload similar to the first was discovered. They note:
This new bug was reported to Chrome and to Apple, the Chrome team submitted a patch to WebKit on August 9, and Apple released a fix on September 19 in iOS 13, and September 24 in Safari 13.0.1 Despite Confiant raising the alarm quickly, they estimate that between August 1 and September 23, 1.16 billion malicious ads were viewed as a result of the flaw.
The news is proof that security is one of the most important reasons as to why you should try to keep all your software as up to date as possible.
Stephen Warwick has written about Apple for five years at iMore and previously elsewhere. He covers all of iMore's latest breaking news regarding all of Apple's products and services, both hardware and software. Stephen has interviewed industry experts in a range of fields including finance, litigation, security, and more. He also specializes in curating and reviewing audio hardware and has experience beyond journalism in sound engineering, production, and design.
Before becoming a writer Stephen studied Ancient History at University and also worked at Apple for more than two years. Stephen is also a host on the iMore show, a weekly podcast recorded live that discusses the latest in breaking Apple news, as well as featuring fun trivia about all things Apple. Follow him on Twitter @stephenwarwick9
Keep your software up to date, and honestly, use an Adblocker (sorry iMore).
Thank you for signing up to iMore. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.