Krampus-3PC malware redirects iPhone users to phishing pages

Krampus-3PC malware redirects iPhone users to phishing pages

iPhone users who visited certain publishing websites that were compromised by a malvertising campaign may have gotten an unwelcome visit from the holiday Krampus.


No, not the mythical monster that punishes naughty children around Christmastime. In this case, we’re referring to Krampus-3PC, a new mobile malware that seeks out victims’ device and session cookie information and in some cases redirects users to a malicious pop-up designed to phish sensitive data from them.


The Media Trust’s Digital Security & Operations (DSO) team last October first detected Krampus-3PC redirecting iPhone users who visited certain online publishing websites. Since that time, more than 100 such sites – many of them U.K.-based newspapers and international weekly news magazines – have been compromised via malicious ads that were distributed via an unknowing accomplice: the adtech provider Adtechstack.


Site visitors who viewed these ads were silently attacked, without any user action necessary. Once the ad’s creative tag was loaded, the Krampus-3PC malware would gather device and user session data and perform a series of checks to determine if the victim fit the attackers’ profile for malicious ..

Support the originator by clicking the read the rest link below.