Regarding web ads redirecting to the App Store


Guest Rene Ritchie
Posted

You land on a web page in mobile Safari and all of a sudden you're torn away and dumped into some game on the Apple Store.

We've gotten complaints about this — and experienced it ourselves — for what feels like a couple years. Something causes a web page, when opened, to immediately redirect you to the App Store, almost always to the listing for a popular game. Maybe the perpetrators are hoping you're so enticed by the game you download it even after being hijacked, so they'll get some revenue, direct or affiliate. But it's deplorable and, even after a couple of years, it's unclear how and why it keeps happening.

Apple patched Safari iOS 8 in an effort to prevent just this kind of behavior from happening. It slowed things down for a while, but other methods of circumvention certainly seem to have been found. The original assumption was that it was caused by bad-actor ads inserting code to bust out of their frames and force a redirect to iTunes. Now it seems like it's more complicated than that, because it also seems to be happening on sites without any ads capable of doing that.

Jason Snell recently wrote about it on Six Colors as a follow-up to Ben Mayo's post from 9to5Mac. Here's what Jason had to say:

If Mayo is seeing this behavior on Six Colors, though, we have to assume that something else is at work, such as:

  • Exploitation of a bug in Safari that puts the browser in a particular state even after it's left a page contaminated with that code

  • JavaScript firing in a different Safari tab/window, making Mayo misapply blame for the behavior

  • Interception and rewriting of page code by a carrier, ISP, or even a compromised wireless router

It could be all of the above, and more. It could be a complex attack with elements in ads, caches, browser exploits, compromised routers, bad ISPs or carriers, or bad certificates on devices.

Certainly it's the responsibility of ad brokers to make sure they never approve any ads containing any code that behaves this way, and of sites like iMore to make sure we ban anything that gets through. It's still a wild web out there in many ways, however, and some brokers and sites might be okay with this kind of behavior.

If it really can persist beyond the original point of contact, it might be worth checking to see if it's left anything behind. To see if you have any profiles installed on your iPhone or iPad you can't account for, go to Settings > General > Profiles (at the bottom). If you're experiencing the problem, you can also try wiping your Safari cache. That's in Settings > Safari.

We'll keep looking into it, and I'm sure others will as well, and update when we have more information.
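
For site operators, a check that follows from the ad-frame theory above, as an added example that is not part of the original post: the HTML `sandbox` attribute stops an iframe from navigating the top-level page unless `allow-top-navigation` is granted, so this script audits a page's ad frames for that containment. The sample page, the `ads.example` URLs and the `audit_frames` name are constructed for illustration, and the check covers only the frame-busting theory, not the cache, router or carrier theories.

```python
from html.parser import HTMLParser

# Constructed sample page: four ad slots embedded as iframes.
SAMPLE_PAGE = """
<html><body>
<iframe id="ad-top" src="https://ads.example/slot1"></iframe>
<iframe id="ad-side" src="https://ads.example/slot2"
        sandbox="allow-scripts allow-top-navigation"></iframe>
<iframe id="ad-foot" src="https://ads.example/slot3"
        sandbox="allow-scripts allow-popups"></iframe>
<iframe id="ad-tap" src="https://ads.example/slot4"
        sandbox="allow-scripts allow-top-navigation-by-user-activation"></iframe>
</body></html>
"""

class FrameAudit(HTMLParser):
    """Collects (frame name, verdict) for every iframe start tag."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = dict(attrs)
        name = a.get("id") or a.get("src") or "<unnamed>"
        if "sandbox" not in a:
            verdict = "unsandboxed"            # no containment declared at all
        else:
            # A bare `sandbox` attribute parses as None: most restrictive form.
            tokens = set((a["sandbox"] or "").lower().split())
            if "allow-top-navigation" in tokens:
                verdict = "top-navigation"     # may redirect the whole page
            elif "allow-top-navigation-by-user-activation" in tokens:
                verdict = "top-navigation-on-gesture"  # only after a tap/click
            else:
                verdict = "contained"          # cannot navigate the top page
        self.findings.append((name, verdict))

def audit_frames(html):
    """Return a list of (frame name, verdict) tuples in document order."""
    parser = FrameAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

if __name__ == "__main__":
    for name, verdict in audit_frames(SAMPLE_PAGE):
        print(f"{name:10} {verdict}")
```

Frames reported as `unsandboxed` or `top-navigation` are the ones to tighten or take up with the ad broker first.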

 
