A group of cybercriminals that specialize in displaying malicious ads has abused an unpatched zero-day vulnerability in WebKit-based browsers to break security restrictions and redirect users from legitimate portals to shady sites hosting online gift card scams.
The attacks were first identified in June 2020 and are still active today; however, patches for zero-day WebKit were released earlier this month.
According to a relationship from cybersecurity firm Confiant, shared with ZDNet last week, the culprits behind the attacks are a group formerly known as ScamClub.
Active since 2018, this group operates by buying large amounts of advertising space across multiple platforms in the hope that some of its bad ads will pass through security checks.
Since it was first discovered nearly three years ago, ScamClub has typically targeted iOS users with malicious ads that often redirected users to sites hosting online scams trying to collect users’ financial informationon.
His most recent operation also follows this pattern. In a campaign that …
Read more from source
Copyright @ www.zdnet.com
- According to this source Malvertiser abused WebKit zero-day to redirect iOS and macOS users to shady sites
- Check the more updates related to Apple Tips and Apple news now.
I hope you love this news please Share your love by following us on Facebook and Twitter for the latest apple news informationon and updates like Malvertiser abused WebKit zero-day to redirect iOS and macOS users to shady sites
from our channels.