{"id":228,"date":"2019-10-09T09:54:55","date_gmt":"2019-10-09T09:54:55","guid":{"rendered":"https:\/\/www.systoolsgroup.com\/blog\/?p=228"},"modified":"2022-10-10T06:30:33","modified_gmt":"2022-10-10T06:30:33","slug":"egobbler-affects-1-billion-ads-though-chrome","status":"publish","type":"post","link":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/","title":{"rendered":"eGobbler Malvertising Affects 1 Billion Ads in Worldwide Campaign"},"content":{"rendered":"<blockquote>\n<p style=\"text-align: justify\"><em><em><em>Ever heard \u201c<em>We should be very careful while surfing the networks<\/em>\u201d? Of course, you\u2019d because we all know this thing for a long time that cybercriminals and threats are lurking.<\/em><\/em><\/em><\/p>\n<\/blockquote>\n<p style=\"text-align: justify\">Last week security experts disclosed how eGobbler (a malvertising actor) victimized browser bugs and infected about 1 billion programmatic ads in two-months. Researchers also detected a new cryptocurrency crook and an IoT (Internet of Things) botnet launching various DDoS (Distributed Denial-of-Service) attacks. Moreover, they uncovered some new attack campaigns for even more established threats that includes Adwind and Emotet.<\/p>\n<p style=\"text-align: justify\">Those affected are basically iOS and macOS users through the so-called &#8216;zero-day vulnerabilities&#8217;, in both Chrome and Safari browsers.<\/p>\n<div class=\"alert alert-success\"><b><b><b><b><br \/>\n<strong>Recommended Posts<\/strong><\/b><\/b><\/b><\/b><\/p>\n<ul>\n<li><a href=\"https:\/\/www.systoolsgroup.com\/blog\/google-calendars-are-exposing-your-private-information-online\/\" target=\"_blank\" rel=\"noopener noreferrer\" class=\"fw-bold\">Google Calendars Are Exposing Your Private Information Online<\/a><\/li>\n<li><a href=\"https:\/\/www.systoolsgroup.com\/blog\/a-web-exploit-that-has-hacked-iphones-for-years\/\" target=\"_blank\" rel=\"noopener noreferrer\" class=\"fw-bold\">Google Discovered Web Exploit That Hacked iPhones for Years<\/a><\/li>\n<li><a href=\"https:\/\/www.systoolsgroup.com\/blog\/update-your-os-immediately-a-warning-by-microsoft-to-windows-10-users\/\" target=\"_blank\" rel=\"noopener noreferrer\" class=\"fw-bold\">Update Your Windows 10 Immediately &#8211; Warned Microsoft<\/a><\/li>\n<\/ul>\n<\/div>\n<h2><strong>So, What is eGobbler?<\/strong><\/h2>\n<p style=\"text-align: justify\">A series of uncontrolled malvertisement campaigns that have injected malware into thousands of devices, called eGobbler. It was titled eGobbler after generating billions of hits on the campaigns it generated.<\/p>\n<p><strong>gob\u00b7bler<\/strong> means a person who eats greedily and noisily.<\/p>\n<p style=\"text-align: justify\">As per his account information, it has infected WebKit (Safari) and Chrome both with around 1 billion advertisements. According to researches, this group can ramp up their purchase on weekends and holidays. These campaigns stay on the peak around 36-48 hours then, goes in the state of hibernation until the upcoming big push.<\/p>\n<p><strong>Users can easily recognize eGobbler as it uses \u201c.world\u201d TLD in its landing pages.<\/strong><\/p>\n<h2><strong>How it Works?<\/strong><\/h2>\n<p style=\"text-align: justify\">eGobbler is designed in such a manner that it skips all the browser features which blocks all the forceful redirections generated by unauthorized users.<\/p>\n<p style=\"text-align: justify\">Cross-origin inframes that loads resources from the domain other than the parent page, are being used in the forceful redirection endeavors. In some basic cases, the malicious ads try to redirect the parent page like &#8211; <strong>Top.window.location = \u201chttp:\/\/malicious_landing_page\u201d<\/strong>. When this happens the browser security typically prevents this from happening but, eGobbler easily bypasses such browser mechanisms and initiates a forceful redirection to analyze if the user presses any button on the keyboard. All such forceful redirections will succeed on all the non-vulnerable web browsers in case if the sandbox attributes will be absent in the iframe where the ad is displaying.<\/p>\n<p style=\"text-align: justify\">Users will get a pop-up on the parent page even if the sandbox parameters will present. eGobbler hackers use CDNs (Content Delivery Networks) for payload delivery and whenever possible, they leverage subdomains carrying innocuous or famous brands.<\/p>\n<h2><strong>Who\u2019s Affected by eGobbler?<\/strong><\/h2>\n<p style=\"text-align: justify\">eGobbler was first detected in April 2019, informed by Apple and Google. But, the issue was not resolved at that time. Italy and Spain are the two most affect countries by this distributed malicious advertising. Initially, the attack was aimed just for mobile phones so it does not affect Chrome desktop versions but in second detection, the attack also affected WebKit, the search engine used by iOS and macOS in Safari. Attackers used the \u2018onkeydown\u2019, a JavaScript function that gets executed after pressing a key.<\/p>\n<p><img decoding=\"async\" class=\"size-full wp-image-230 aligncenter\" src=\"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/10\/egobbler.webp\" alt=\"eGobbler-malvertisement-attack\" width=\"622\" height=\"360\" loading=\"lazy\"><\/p>\n<p style=\"text-align: justify\">Till now, only Apple has updated its Safari vulnerability and Google is also developing its own solution. This means users who are not using the latest version are highly prone to get affected.<\/p>\n<h3><strong>Final Words<\/strong><\/h3>\n<p style=\"text-align: justify\">Well, this is not the first time we are hearing about the eGobbler group. As we mentioned earlier, the hackers already executed their first major operation in early 2019. Hackers will try to gain your trust to infect your system and access your crucial information. They will overload ads and expect you to visit malware distribution sites. Therefore, be very alert while surfing on the Internet and get some good antivirus programs along with an anti-malware.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ever heard \u201cWe should be very careful while surfing the networks\u201d? Of course, you\u2019d because we all know this thing for a long time that cybercriminals and threats are lurking. <\/p>\n","protected":false},"author":7,"featured_media":231,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"class_list":["post-228","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>eGobbler Exploits More Than 1 Billion Ads Though Chrome<\/title>\n<meta name=\"description\" content=\"eGobbler malvertisement is back and this time it exploits WebKit browsers. About 1.16 billion eGobbler campaign impressions detected from August 1.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tej Pratap Shukla\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/\"},\"author\":{\"name\":\"Tej Pratap Shukla\",\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/#\/schema\/person\/c588bfc2d99a45b01d5927dfc9514340\"},\"headline\":\"eGobbler Malvertising Affects 1 Billion Ads in Worldwide Campaign\",\"datePublished\":\"2019-10-09T09:54:55+00:00\",\"dateModified\":\"2022-10-10T06:30:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/\"},\"wordCount\":621,\"publisher\":{\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/10\/xl-2019-malvertising-1.jpg\",\"keywords\":[\"chrome\",\"cyberattack\",\"egobbler\",\"iPhone\"],\"articleSection\":[\"News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/\",\"url\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/\",\"name\":\"eGobbler Exploits More Than 1 Billion Ads Though Chrome\",\"isPartOf\":{\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/10\/xl-2019-malvertising-1.jpg\",\"datePublished\":\"2019-10-09T09:54:55+00:00\",\"dateModified\":\"2022-10-10T06:30:33+00:00\",\"description\":\"eGobbler malvertisement is back and this time it exploits WebKit browsers. About 1.16 billion eGobbler campaign impressions detected from August 1.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#primaryimage\",\"url\":\"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/10\/xl-2019-malvertising-1.jpg\",\"contentUrl\":\"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/10\/xl-2019-malvertising-1.jpg\",\"width\":620,\"height\":360,\"caption\":\"egobbler-attack-attack-iphone-through-chrome\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.systoolsgroup.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"eGobbler Malvertising Affects 1 Billion Ads in Worldwide Campaign\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/#website\",\"url\":\"https:\/\/www.systoolsgroup.com\/blog\/\",\"name\":\"SysTools Tech Blog\",\"description\":\"Digest on Trending Technology Issues &amp; Events\",\"publisher\":{\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.systoolsgroup.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/#organization\",\"name\":\"SysTools Software\",\"url\":\"https:\/\/www.systoolsgroup.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/08\/logo-systools.png\",\"contentUrl\":\"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/08\/logo-systools.png\",\"width\":170,\"height\":60,\"caption\":\"SysTools Software\"},\"image\":{\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/#\/schema\/person\/c588bfc2d99a45b01d5927dfc9514340\",\"name\":\"Tej Pratap Shukla\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.systoolsgroup.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/477bdfb87b4a0b6b287b8e9aa10b59e78eb55a1f2f34d4caaa36e2f3754584cc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/477bdfb87b4a0b6b287b8e9aa10b59e78eb55a1f2f34d4caaa36e2f3754584cc?s=96&d=mm&r=g\",\"caption\":\"Tej Pratap Shukla\"},\"description\":\"A versatile technocrat, always in the search for new and interesting areas related to technology. Works on multiple technical problems faced by users frequently. Provides the user-friendly solutions to deal with numerous technical issues.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/tej-pratap-shukla\/\",\"https:\/\/www.systoolsgroup.com\/assets\/author\/tej.png\"],\"url\":\"https:\/\/www.systoolsgroup.com\/blog\/author\/tej\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"eGobbler Exploits More Than 1 Billion Ads Though Chrome","description":"eGobbler malvertisement is back and this time it exploits WebKit browsers. About 1.16 billion eGobbler campaign impressions detected from August 1.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/","twitter_misc":{"Written by":"Tej Pratap Shukla","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#article","isPartOf":{"@id":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/"},"author":{"name":"Tej Pratap Shukla","@id":"https:\/\/www.systoolsgroup.com\/blog\/#\/schema\/person\/c588bfc2d99a45b01d5927dfc9514340"},"headline":"eGobbler Malvertising Affects 1 Billion Ads in Worldwide Campaign","datePublished":"2019-10-09T09:54:55+00:00","dateModified":"2022-10-10T06:30:33+00:00","mainEntityOfPage":{"@id":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/"},"wordCount":621,"publisher":{"@id":"https:\/\/www.systoolsgroup.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#primaryimage"},"thumbnailUrl":"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/10\/xl-2019-malvertising-1.jpg","keywords":["chrome","cyberattack","egobbler","iPhone"],"articleSection":["News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/","url":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/","name":"eGobbler Exploits More Than 1 Billion Ads Though Chrome","isPartOf":{"@id":"https:\/\/www.systoolsgroup.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#primaryimage"},"image":{"@id":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#primaryimage"},"thumbnailUrl":"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/10\/xl-2019-malvertising-1.jpg","datePublished":"2019-10-09T09:54:55+00:00","dateModified":"2022-10-10T06:30:33+00:00","description":"eGobbler malvertisement is back and this time it exploits WebKit browsers. About 1.16 billion eGobbler campaign impressions detected from August 1.","breadcrumb":{"@id":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#primaryimage","url":"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/10\/xl-2019-malvertising-1.jpg","contentUrl":"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/10\/xl-2019-malvertising-1.jpg","width":620,"height":360,"caption":"egobbler-attack-attack-iphone-through-chrome"},{"@type":"BreadcrumbList","@id":"https:\/\/www.systoolsgroup.com\/blog\/egobbler-affects-1-billion-ads-though-chrome\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.systoolsgroup.com\/blog\/"},{"@type":"ListItem","position":2,"name":"eGobbler Malvertising Affects 1 Billion Ads in Worldwide Campaign"}]},{"@type":"WebSite","@id":"https:\/\/www.systoolsgroup.com\/blog\/#website","url":"https:\/\/www.systoolsgroup.com\/blog\/","name":"SysTools Tech Blog","description":"Digest on Trending Technology Issues &amp; Events","publisher":{"@id":"https:\/\/www.systoolsgroup.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.systoolsgroup.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.systoolsgroup.com\/blog\/#organization","name":"SysTools Software","url":"https:\/\/www.systoolsgroup.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.systoolsgroup.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/08\/logo-systools.png","contentUrl":"https:\/\/www.systoolsgroup.com\/blog\/wp-content\/uploads\/2019\/08\/logo-systools.png","width":170,"height":60,"caption":"SysTools Software"},"image":{"@id":"https:\/\/www.systoolsgroup.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.systoolsgroup.com\/blog\/#\/schema\/person\/c588bfc2d99a45b01d5927dfc9514340","name":"Tej Pratap Shukla","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.systoolsgroup.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/477bdfb87b4a0b6b287b8e9aa10b59e78eb55a1f2f34d4caaa36e2f3754584cc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/477bdfb87b4a0b6b287b8e9aa10b59e78eb55a1f2f34d4caaa36e2f3754584cc?s=96&d=mm&r=g","caption":"Tej Pratap Shukla"},"description":"A versatile technocrat, always in the search for new and interesting areas related to technology. Works on multiple technical problems faced by users frequently. Provides the user-friendly solutions to deal with numerous technical issues.","sameAs":["https:\/\/www.linkedin.com\/in\/tej-pratap-shukla\/","https:\/\/www.systoolsgroup.com\/assets\/author\/tej.png"],"url":"https:\/\/www.systoolsgroup.com\/blog\/author\/tej\/"}]}},"_links":{"self":[{"href":"https:\/\/www.systoolsgroup.com\/blog\/wp-json\/wp\/v2\/posts\/228","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.systoolsgroup.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.systoolsgroup.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.systoolsgroup.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.systoolsgroup.com\/blog\/wp-json\/wp\/v2\/comments?post=228"}],"version-history":[{"count":0,"href":"https:\/\/www.systoolsgroup.com\/blog\/wp-json\/wp\/v2\/posts\/228\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.systoolsgroup.com\/blog\/wp-json\/wp\/v2\/media\/231"}],"wp:attachment":[{"href":"https:\/\/www.systoolsgroup.com\/blog\/wp-json\/wp\/v2\/media?parent=228"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.systoolsgroup.com\/blog\/wp-json\/wp\/v2\/categories?post=228"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}