Unscrupulous Website Ads Again Redirecting Some Users to App Store From Safari

Benjamin Mayo, on a rash of web ads that are redirecting people to App Store links:

This is Apple’s problem to fix, not an attack on the websites shown. All of these websites use third-party networks that are outside of their control — it’s not their decision to cause the redirections. We’ve reached out to Apple for comment on the issue.

Bullshit. If you publish a website with ads, and those ads do scammy things via JavaScript, that’s your responsibility. Of course Apple should close whatever hole these dirtbags are exploiting, but publishers are responsible for the ads they serve.

Update: Mayo’s demo video includes Jason Snell’s Six Colors, the only ads on which are from The Deck — and The Deck, rest assured, is not serving scammy JavaScript redirects. It’s not even possible. So something else is going on here. Seems more like a man-in-the-middle attack — a compromised network or router.

Update 2: Here’s a piece from last week from AraLabs explaining how this hijack works.

Update 3: Jason Snell, “Ad Networks, Redirects, and Assumptions”.

Thursday, 19 March 2015