iOS 9 virus Safari redirection
I keep getting Safari redirection to phishing sites after clearing browsing history.
iPad, iOS 6.1.3
I keep getting Safari redirection to phishing sites after clearing browsing history.
iPad, iOS 6.1.3
I've been having this problem for about two months. Since it is now almost two years since this thread was active I wonder if anyone can direct me to a current solution. I'm experiencing redirects to phishing sites when Using Safari to view videos on Yahoo News. Turning off Javascript prevents the problem but then I can't view the videos! Only happens with Safari not with Firefox or Chrome.
Clear the history then close the app (double click on the home button, find Safari and slide it up to close it) then start Safari again.
Already tried closing Safari then clearing history - have done it multiple times on both iOS 9.0.2 iPhone 6s and 3rd Gen iPad. Problem reappears after short browsing activity. Do Not Track is On, always blocking Cookies, Fraudulent Website warning is On.
It is a browser hijack, nothing you have done would affect it. You are returning to the website that has been hijacked is whey you are getting it again. Since it uses javascript you can turn that off and avoid it. And notify the website where you are seeing it.
Drudge website is the problem. I have taken off my favorites.
While Drudge is assuredly a problem, it may not be THE problem. I'm also experiencing this exploit at findagrave.com...and ad blocker "Purify" is, apparently, ineffective in blocking this JavaScript exploit.
My guess is that both drudge and findagrave (and likely others) are utilizing the same corrupted ad server.
Apple needs to alert its customers to this security breach and beef up its malware protection to eradicate this exploit.
For the record, deactivating JavaScript eliminates the threat (assuming you can function without JavaScript until this gets resolved).
Thanks Doofusdoofus. It appears you have identified both the problem and the (hopefully temporary) solution.
Until I recently accepted iOS 9 updates, no problem. And still no problem with Drudge and other websites on non-Apple desktop, laptop and old Android smart phone recently replaced with "more secure" Apple 6.
The first time the problem materialized, the pop-up claimed to be from applepress.info and claimed Apple had formed a partnership with my ISP and they wanted to give me a reward to advertise their partnership . . .just push OK. Fortunately, I smelled a rat and ignored the "gift." The pop-up locked the screen and I had to leave Safari to clear it. Unfortunately, it was not a one time thing and the message kept slightly changing.
At roughly the same time, some websites started being redirected and originally there were snippits that indicated crobo or other advertising organizations were responsible. Since Apple's identity was clearly misappropriated, I don't know whether that was also the case with Crobo.
I do know that Apple knew or should have known that a vulnerability was being exploited and has been slow to share that info with users or even, apparently, their AppleCare representatives. Thank goodness for this Forum.
Another aspect of this exploit is that the pop ups will occasionally reference my general location or identify my service provider. Not sure if that's relevant or not, but there it is.
LLLandBeHappy wrote:
Thank goodness for this Forum.
Indeed. It's been a week or so since this exploit was noted here but it has not yet gotten any media exposure that I can find. With Drudge among those acting as a vector, you'd think there would be more interest in security related web entities.
Hopefully some high profile coverage will emerge shortly.
It appears that Drudge is no longer triggering the exploit. The top banner is now static and I'm thinking he may have taken down the compromised ad server. Can anyone else confirm?
I just visited Drudge and had Safari locked up with a "you've won" banner. I had to go into settings and clear history and website data to get rid of it. So frustrating. This has to be costing Drudge traffic. I'd already slowed my visits as I was tired of the redirects which always ended up at Über.com, but this is the first time my Safari has been completely locked. Now, I'm off to file a report with Apple. They need to hear from us. http://www.apple.com/feedback/iphone.html
Mmamallama wrote:
I just visited Drudge and had Safari locked up with a "you've won" banner. I had to go into settings and clear history and website data to get rid of it. So frustrating. This has to be costing Drudge traffic.
Regretfully, you are correct...Drudge is still triggering the exploit as well as findagrave. I had reloaded Drudge multiple times yesterday without any hijacking but today it appeared again.
What this problem needs is some media exposure...which I have yet to find.
You are trying to get media coverage that the Drudge Report has been browser hijacked? Why don't you just tell them?
I have problem after clearing all data on iOS. Issue repeats if clicking ANY clean link posted inside iMessage. Cant believe that iMessage is corrupting. It has to be IOS safari.
iOS 9 virus Safari redirection