Pernicious Mobile Ads Now Hijacking, Redirecting Some Users From Safari to iTunes

Pernicious Mobile Ads Now Hijacking, Redirecting Some Users From Safari to iTunes Advertising Security & Privacy When it comes to malicious advertising, there are dangerous adverts which threaten your computer's security or your personal information, and then there are the ads which are as annoying as they are pointless and stupid.

iOS users are getting hit this week from a new wave of adverts from the latter category. Benjamin Mayo of 9to5Mac reports that he has basically been forced to give up on browsing on his iPhone because adverts embedded on sites ranging from Reddit to Buzzfeed to MacStories are currently redirecting his iPad to the iTunes app store.

As you can see in the proof video show below, the adverts are hijacking the web browser and redirecting it to iTunes as soon as the webpage is fully loaded - and before you have time to read any of the content:

The trick you see in the video is similar to tricks that a more malicious advert would use to redirect your PC or Android device to a site where it could be hacked. Only in this case the users is being dumped on the listing pages for certain iOS apps, presumably in the hopes that the victim would install the apps.

I'm not sure why anyone would think that is a good audience recruitment tool, but more importantly I have to wonder why they wasted the exploit.

This is (at a minimum) the second time that someone has found a way to hijack Safari and redirect users to iTunes. Apple fixed what ever loophole was exploited last time, and released that fix as part of iOS 8, but someone has found a new flaw to exploit.

Based on the complaints on twitter, this issue only started showing up in the past week or so, and it's not affecting all iOS users.  It's also not a serious threat, more of a nuisance, but let's hope it gets fixed soon.

image by William Hook

Nate Hoffelder

View posts by Nate Hoffelder
Nate Hoffelder is the founder and editor of The Digital Reader: He's here to chew bubble gum and fix broken websites, and he is all out of bubble gum. He has been blogging about indie authors since 2010 while learning new tech skills at the drop of a hat. He fixes author sites, and shares what he learns on The Digital Reader's blog. In his spare time, he fosters dogs for A Forever Home, a local rescue group.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top
%d bloggers like this: