American iOS users have been targeted in a malicious advertisement campaign that sent users to scam and porn sites. According to security company Confiant, these attacks have existed for a while already, but the company noticed a clear peak on the 12th of November.
The malicious advertisements, which were displayed on all kinds of sites, were able to hijack nearly 300 million browsing sessions in 48 hours. The advertisements were shown almost exclusively to American iOS users. As soon as an advertisement loaded in the browser of one of those users, the user was automatically redirected to adult sites or gift card scams, which were mainly used for phishing.
Interestingly, many redirects also passed through a Google Play Store URL, which according to Confiant was meant to boost the download numbers of an app. With the redirects, the cybercriminals likely tried to impersonate legitimate app downloads.
The advertisements were purchased from a top-5 advertisement exchange network, which apparently didn’t have proper security checks in place. Users should be aware of the attack: currently, no antivirus or internet security engines, such as Google Safe Browsing, detect the landing pages used in the attack as malicious.