large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Getting annoying Chrome pop ups on your iPhone? This could be why

Getting a load of annoying pop-ups when surfing the web on Chrome on your iPhone XS or iPad Mini? This nasty “eGobbler Malvertising Campaign” could be why.

The campaign was spotted by researchers at security firm Confiant and reportedly leverages a vulnerability in Chrome to target iOS users with dodgy pop-ups.

The campaign’s reportedly been running for quite a while and has a tendency to get particularly aggressive during holidays, so you may want to be extra vigilant this Bank Holiday.

Related: Best VPN

“We’ve attributed the flurry of activity to a known threat actor called eGobbler — so named after the huge volumes of hits that their campaigns generate,” Explained Confiant researcher Eliya Stein in a blog post.

“This group has a tendency to ramp up their buying around holidays and weekends. Typically these campaigns peak in volume over a period of 36–48 hours before going into a state of hibernation until the next big push.”


Image Credit: Confiant

Confiant didn’t disclose what the messages do to victim devices but the hackers have reportedly already targeted over 500 million sessions. Worse still, according to Confiant the flaw being targeted still hasn’t been fixed by Google.

“We will be offering an analysis of the payload and POC exploit for this bug in a future post given that this campaign is still active and the security bug is still unpatched in Chrome as of this blog post,” read the blog post.

“The Chrome team was notified of the bug with a working POC on April 11th and is currently investigating the matter. They responded in a timely manner within several hours of the report. We look forward to eventually sharing how this circumvention was accomplished.”

Related: Best anti-virus

Trusted Reviews has reached out to Google for comment on the report and will update this article when it hears back.

In the meantime the pop-ups are reportedly easy to spot as they all have the “.world” TLD for their landing pages, as shown in the example message above.

Nervous about the dodgy pop ups? Let us know on Twitter @TrustedReviews

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.