"Malvertisers Exploited Browser Zero-Day to Redirect Users to Scams"

The ScamClub malvertising group exploited a zero-day vulnerability in the WebKit web browser engine to deliver malicious payloads that redirect users to scams offering gift cards. WebKit is used in Chrome on iOS and Safari. Over the past three months, ScamClub campaigns have served as high as 16 million malicious ad impressions in a day. The volume of ads pushed by ScamClub malvertisers is so large that the number of malicious ad impressions during a single campaign is still significantly high even if most of the ads are blocked. According to the ad security and quality controls company Confiant, a 1 percent improvement in ScamClub's redirection rate can lead to tens of thousands of impacted impressions during a single campaign. A Confiant security engineer and researcher recently shared their discovery of ScamClub's reliance on a vulnerability in the WebKit that enables the circumvention of the iframe sandboxing policy. This article continues to discuss ScamClub's broad targeting and the large volume of malicious ads that the group pushes, as well as the ScamClub malvertisers' exploitation of a zero-day vulnerability in WebKit to redirect users to scams. 

BleepingComputer reports "Malvertisers Exploited Browser Zero-Day to Redirect Users to Scams"

 

Submitted by Anonymous on