
eGobbler

Posted: April 18, 2019

eGobbler is a group of threat actors that conduct malvertising (corrupted advertising) attacks, especially around a holiday season. A successful attack may install spyware, backdoor Trojans, or other threats that collect information or let an attacker take over the device or PC. Users should implement appropriate browser security protocols to prevent attacks and remove eGobbler infections with anti-malware utilities that identify them automatically.

The Ominous Sound of Gobbling Through Your Advertisements

The eGobbler group of threat actors has always been hard-working, with a predisposition for well-designed attacks that hijack advertisement networks to deliver Trojans and other, equally threatening software. Its new attacks, however, rely on technical feats that conventional wisdom holds to be impossible. Worse, malware researchers and others in the security industry suspect that eGobbler's true capability for compromising targets isn't being used to its full effect – yet.

eGobbler is known for recurring but short-lived campaigns that run for one or two days and deliver unsafe content through fake advertisements that can reach, and have reached, billions of users. The latest series of attacks targets iPad and iPhone users with Chrome or Safari browsers, the latter being the default for Mac devices. Although such strategies ordinarily employ redirects, eGobbler's new technique makes a bold choice: pop-ups.

What makes eGobbler's pop-up attacks especially alarming is that they overcome built-in sandboxing protections that should keep users safe from the fake advertising content. This bug is only in the Chrome browser, but it lets eGobbler run its attack while ignoring pop-up-blocking settings and software. It also bypasses what should be a hard-baked requirement for interaction from the user, so an infection requires almost no 'mistakes' from a victim.

Feasting on Turkey in Time for Thanksgiving

Chrome's team has received appropriate notifications about the exploit and should roll out a security fix in due time. Until then, users can update their browsers to the latest versions, disable JavaScript, Java, and Flash, and avoid any sites that are running poorly monitored advertising networks. Users should also take extra care when interacting with websites whose domains use suffixes like '.site' or '.world,' both of which link back to eGobbler attacks.

The landing pages for eGobbler exploits may include solicitations that encourage the user to interact with them, such as offers of Walmart gift card rewards. However, there is no single template that all malvertising attacks follow. When in doubt, scan your device with a compatible anti-malware product after any contact with a suspicious site or advertisement to detect and remove eGobbler malware before it can cause any damage.

The newest eGobbler exploit's success in overriding the supposedly impenetrable sandboxing protection is an event that the security industry is noting with some disquiet. Hopefully, other threat actors will not gain access to the same capabilities, which could make toxic advertisements even more poisonous than before.
