The Latest in IT Security

Malicious script blocks browsers on iPhone, iPad and iPod touch

27
Oct
2011

Doctor Web’s engineers received a number of requests from iPad users who were troubled by blocking pop-up windows displayed as they visited certain sites in Safari and other browsers. Investigation into the problem revealed that pop-ups were brought up by malicious JavaScript code embedded into web-pages by criminals.

Earlier Doctor Web issued a report about a similar threat to Android devices.

As far as iOS devices are concerned, the embedded JavaScript code displayed a pop-up window on certain web-sites demanding that a user send a paid short message at the specified number to access the web-site. Pressing OK or Cancel doesn’t close the pop-up and restarting the browser brings up the window again because Safari, in particular, restores the last session automatically.



Similarly to the Android issue, a solution to the iOS problem is quite simple: open the Settings applet, go to the Safari tab, select Delete cookie and data and press Clear in the pop-up window. In the same list select Clear History in order to prevent Safari from resuming the previously interrupted session. Besides, you can open a new Safari tab from any other application (e.g. choose to open an iTunes page), close the remaining tabs including the one blocked by the malicious script.

This method may not work with other browsers for iOS whose settings can only be accessed from the browser window instead of the Settings applet. If your browser doesn’t allow clearing its cache with tools other than its own interface, you may need to take other measures and possibly reinstall the browser. For more detailed information refer to documentation for the respective software.

It should be noted that the malicious scripts do not read the client’s user-agent and a similar window can be displayed by any JavaScript supporting browser under any OS. Addresses of web-sites containing such scripts are added to the Dr.Web parental control database and onto the list of sites that spread malware.

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments