iPhone users should not visit these compromised websites
More than 100 publisher websites, including online newspapers and magazines, have been compromised to redirect users from iPhone devices to malicious websites, report various ethical hacking firms.
If an iPhone user visits any of the affected
sites, they could be redirected to a malvertising-plagued website, part of a
process that culminates in the theft of user login data and browsing cookies
thanks to a new malware identified by what experts such as “Krampus-3PC”.
Part of the attack is to display a pop-up with
purported discounts for a grocery store; If a visitor gets to click on the ad,
they will be redirected to a phishing page where the threat actors will try to
collect login credentials to try to compromise other online accounts of the
victim.
In addition, ethical hacking experts claim that
this malware is able to collect the phone numbers of victims, so that hackers
can perform other malicious actions, such as sending phishing SMS messages and
crafting cookie identifiers. “The cookie ID allows Krampus-3PC to take
control of the victim’s browser and extract login credentials”, the report
mentions.
There is still no indication of the identity of
the hackers responsible for this malicious campaign, although its mode of
operation has already been identified. To get started, hackers placed an ad for
distribution through the Adtechstack provider. They then used the platform API
to insert fake code; finally, the provider sold access to publisher pages
without knowing about the presence of the malicious code.
Online publishers and adtech companies often
use popular malware blocking tools to prevent such incidents. However, the
developers of Krampues-3PC provided the malware with the ability to evade
conventional scanning software. The names of the compromised pages were not
disclosed.
Ethical hacking specialists at the
International Institute of Cyber Security (IICS) believe that the creators of
this malware actually invested great resources for its development. In addition,
they rule out the possibility that Krampus creators are inexperienced hackers,
as it is a highly sophisticated development and employs a novel and
difficult-to-stop attack method.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
Gloss