Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

iOS 9 virus Safari redirection

I keep getting Safari redirection to phishing sites after clearing browsing history.

iPad, iOS 6.1.3

Posted on Oct 3, 2015 10:55 AM

Reply
15 replies

Jul 7, 2017 11:05 AM in response to Frank from Le Claire

I've been having this problem for about two months. Since it is now almost two years since this thread was active I wonder if anyone can direct me to a current solution. I'm experiencing redirects to phishing sites when Using Safari to view videos on Yahoo News. Turning off Javascript prevents the problem but then I can't view the videos! Only happens with Safari not with Firefox or Chrome.

Oct 5, 2015 11:18 AM in response to Frank from Le Claire

While Drudge is assuredly a problem, it may not be THE problem. I'm also experiencing this exploit at findagrave.com...and ad blocker "Purify" is, apparently, ineffective in blocking this JavaScript exploit.


My guess is that both drudge and findagrave (and likely others) are utilizing the same corrupted ad server.


Apple needs to alert its customers to this security breach and beef up its malware protection to eradicate this exploit.


For the record, deactivating JavaScript eliminates the threat (assuming you can function without JavaScript until this gets resolved).

Oct 8, 2015 10:42 AM in response to Doofusdoofus

Thanks Doofusdoofus. It appears you have identified both the problem and the (hopefully temporary) solution.


Until I recently accepted iOS 9 updates, no problem. And still no problem with Drudge and other websites on non-Apple desktop, laptop and old Android smart phone recently replaced with "more secure" Apple 6.


The first time the problem materialized, the pop-up claimed to be from applepress.info and claimed Apple had formed a partnership with my ISP and they wanted to give me a reward to advertise their partnership . . .just push OK. Fortunately, I smelled a rat and ignored the "gift." The pop-up locked the screen and I had to leave Safari to clear it. Unfortunately, it was not a one time thing and the message kept slightly changing.


At roughly the same time, some websites started being redirected and originally there were snippits that indicated crobo or other advertising organizations were responsible. Since Apple's identity was clearly misappropriated, I don't know whether that was also the case with Crobo.


I do know that Apple knew or should have known that a vulnerability was being exploited and has been slow to share that info with users or even, apparently, their AppleCare representatives. Thank goodness for this Forum.

Oct 10, 2015 9:37 AM in response to LLLandBeHappy

LLLandBeHappy wrote:


Thank goodness for this Forum.


Indeed. It's been a week or so since this exploit was noted here but it has not yet gotten any media exposure that I can find. With Drudge among those acting as a vector, you'd think there would be more interest in security related web entities.


Hopefully some high profile coverage will emerge shortly.

Oct 12, 2015 10:04 AM in response to Doofusdoofus

I just visited Drudge and had Safari locked up with a "you've won" banner. I had to go into settings and clear history and website data to get rid of it. So frustrating. This has to be costing Drudge traffic. I'd already slowed my visits as I was tired of the redirects which always ended up at Über.com, but this is the first time my Safari has been completely locked. Now, I'm off to file a report with Apple. They need to hear from us. http://www.apple.com/feedback/iphone.html

Oct 13, 2015 8:31 AM in response to Mmamallama

Mmamallama wrote:


I just visited Drudge and had Safari locked up with a "you've won" banner. I had to go into settings and clear history and website data to get rid of it. So frustrating. This has to be costing Drudge traffic.


Regretfully, you are correct...Drudge is still triggering the exploit as well as findagrave. I had reloaded Drudge multiple times yesterday without any hijacking but today it appeared again.


What this problem needs is some media exposure...which I have yet to find.

iOS 9 virus Safari redirection

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.