The eGobbler malvertising threat actor has made a return, this time exploiting a vulnerability in WebKit, the browser engine used primarily by iPhone’s Safari browser. Security researchers from Confiant estimate that up to 1.16 billion impressions have been compromised since the latest eGobbler campaign started on August 1.
While people are usually wary of opening an infected email, they might not exercise the same caution when browsing online for a new pair of shoes. This is precisely what threat actors like eGobbler focus on.
eGobbler is what the security industry calls a malvertiser: an actor that seeks to resemble a regular company trying to sell online advertising. The problem arises when the ads exploit vulnerabilities in browsers, usually redirecting users to malware-laden websites ready to infect unprotected or out-of-date devices.