Author |
Topic: IPad attacks? |
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 14 Apr 2017 6:25 am
|
|
Both my wife and I occasionally get pop-ups saying:
"Dabtracking.com says:
Congratulations Customer!
Your iPad has been randomly selected to receive a $1000 gift card!
And then an "OK" button."
This is the first time I decided to search out what this is. The popup locks up your browser. You can use the home button and use other apps, but going back into your browser brings up the locked up situation. I use Chrome and my wife uses Safari, so it isn't browswer specific. You can't close the tab where the popup is, nor can you switch to another tab. The only way I have found to get out of it is to shut the iPad down and restart it.
Neither my wife or I have clicked on the OK button, knowing that things like this can be malicious, so we don't know for sure what will happen. I dig try to pull up the website, dabtracker.com, but it says FORBIDDEN. YOU DON'T HAVE PERMISSION ... blah blah blah...
Any info? Does this happen on Android tablets? _________________ Carter D10 8p/8k, Dekley S10 3p/4k C6 setup,Regal RD40 Dobro, Recording King Professional Dobro, NV400, NV112,Ibanez Gio guitar, Epiphone SG Special (open E slide guitar) . Playing for 54 years and still counting. |
|
|
|
Rick Barnhart
From: Arizona, USA
|
Posted 14 Apr 2017 7:01 am
|
|
pm sent _________________ Clinesmith consoles D-8/6 5 pedal, D-8 3 pedal & A25 Frypan, Pettingill Teardrop, & P8 Deluxe. |
|
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 14 Apr 2017 7:19 am
|
|
You can use your settings to get to your installed browser apps and clear their caches and history. This will remove the popups until to encounter a hostile ad or compromised WordPress website again. Or, you can install an anti-virus/anti-exploit app that works on Apple devices. _________________ "Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Jim Park
From: Carson City, Nv
|
Posted 22 Apr 2017 4:40 pm Ipad attack
|
|
Rich,
it happens all the time....... here's how I fix that, from the Safari page that is locked up, press the home button once, tap the Settings icon, once you are at the General tab, scroll down on the left side of the page until you see Safari. Tap on Safari, on the right side almost to the bottom, right above advanced, you will see "Clear History and Website data" in blue. Tap that box and Safari will return to normal. |
|
|
|
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 23 Apr 2017 9:51 am
|
|
I use Chrome. I have cleared the history and cache several times, and they come back. _________________ Carter D10 8p/8k, Dekley S10 3p/4k C6 setup,Regal RD40 Dobro, Recording King Professional Dobro, NV400, NV112,Ibanez Gio guitar, Epiphone SG Special (open E slide guitar) . Playing for 54 years and still counting. |
|
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 23 Apr 2017 10:51 am
|
|
Richard Sinkler wrote: |
I use Chrome. I have cleared the history and cache several times, and they come back. |
It appears to me that your browser or browsers and or iPad have become infected with an Adware Trojan.
I would recommend stopping and uninstalling Chrome. Restart the iPad. If it has any anti-malware app, use it to scan for security concerns. Otherwise, visit the Apple Apps store (whatever it is called) and find a legitimate anti-malware or anti-virus app and install it. Scan for malicious files and apps, especially rootkits.
If the scans show no remaining security concerns, use the native browser to visit the previously offending websites. If there are no pop-up ads, either continue using the built-in browser, or install a fresh copy of Chrome. Check out the settings to see what, if anything, you can do to improve its security level.
Most browser infections are accomplished via Flash and Java exploits and Cross Site Scripting attacks. Hostile ads use JavaScript to inject malicious redirects and launch vulnerability probes against visitors' browsers. The tighter the browser's security, the less likely it is to be unknowingly compromised.
If none of the above removes these pop-ups, assume that your device may have become compromised with a Rootkit. The best recourse is to hard-reset it to factory specs, removal of the battery (if possible) and starting over with approved Apps and the best security program you can afford to install.
I am not an Apple device owner and probably never will be, so my suggestions may seem disconnected to those using these devices. _________________ "Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Dave Potter
From: Texas
|
Posted 24 Apr 2017 5:45 am
|
|
Wiz Feinberg wrote: |
I am not an Apple device owner and probably never will be |
I've tried to stay out of this, but since it seems to be a continuing saga, my curiosity's a bit piqued.
I decided to load dabtracking.com in Firefox. The page returned this image:
I looked up dabtracking.com in whois.domaintools.com, and it turns out "Felicia Allen" just registered the domain on 1Apr17 with GoDaddy.com. So it's new. There isn't much on the internet about it.
Investigating further, I examined the image on dabtracking.com inside Firefox for links, and the "Click Here" button has one, sure enough, to spnccrzone.com. Not a lot of info on that one either, Googling it. I did try to load it in Firefox, and my ASUS router's built-in malware protection, powered by Trend Micro, instantly flagged it and said "Don't Go There". I didn't.
This appears to be data mining to me. Googling it, I ran across this article that says people who fall for the scam and click on the image get asked for their personal information. There's a fool born every day - but I'm not one of them (most of the time).
One last observation - It does appear that there's some kind of malware that's making this keep popping up on Richard's devices. What's interesting is that when I loaded dabtracking.com into Firefox, my add-on "Blur" that's designed to obfuscate my presence on the internet indicated no "trackers" on that page, none, zero. All I could find was the link in the "Click Here" button that linked to a questionable re-direct site. So far, I have no indication of anything on my system as a result of all this. |
|
|
|
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 24 Apr 2017 8:55 am
|
|
What's puzzling is, my wife and I have sepatate iPads. Happens on both. Mine is Chrome, and her's is Safari. I use Webroot, but not sure it affects malware. I never thought of having to use malware software on here since uou always here that Apple products don't get viruses and malware due to there OS.
I see Malwarebytes has mobile protection. Does it work well? I use it on my PCs, and it works well. It may well be worth it to put on my mobile products. _________________ Carter D10 8p/8k, Dekley S10 3p/4k C6 setup,Regal RD40 Dobro, Recording King Professional Dobro, NV400, NV112,Ibanez Gio guitar, Epiphone SG Special (open E slide guitar) . Playing for 54 years and still counting. |
|
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 24 Apr 2017 2:28 pm
|
|
Richard Sinkler wrote: |
What's puzzling is, my wife and I have sepatate iPads. Happens on both. Mine is Chrome, and her's is Safari. I use Webroot, but not sure it affects malware. I never thought of having to use malware software on here since uou always here that Apple products don't get viruses and malware due to there OS.
I see Malwarebytes has mobile protection. Does it work well? I use it on my PCs, and it works well. It may well be worth it to put on my mobile products. |
Malware authors are well paid to craft exploits for Apple devices and Linux computers. There are similarities between Apple OS and some versions of Linux and Unix. So, to think your i device can't get infected is to believe in the tooth fairy.
Both Malwarebytes and Trend Micro offer protection of mobile devices. I happen to use Lookout Mobile Security, which is free for me through its partnership with Metro PCS. It is also available for i devices through the Apple store _________________ "Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Dave Potter
From: Texas
|
Posted 25 Apr 2017 5:35 am
|
|
Richard Sinkler wrote: |
I use Webroot, but not sure it affects malware. |
Have you seen this?
Speaks poorly of Webroot, IMO.
|
|
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 25 Apr 2017 8:20 am
|
|
Richard;
Is it safe to assume that you or your wife have NOT jailbroken (Rooted) your iDevices? Hopefully, this is true. Any malware you acquired lives in Userland and can be found and irradicated.
If not, a hardware based Rootkit (aka: "Bootkit") could have been installed into the chipset responsible for booting the devices (aka: "BIOS"). This probably cannot be removed without sending the devices to an Apple repair depot for chip replacement or new motherboards. _________________ "Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 25 Apr 2017 10:27 am
|
|
No jailbroken devices. Doesn't happen on her iPhone, I don't think. I'ved had Lookout before on phones I have had. I'll have to check it out for my ipad.
If it was something planted into the hardware of our iPads, I will go to an Android tablet, which I'm sure has it's share of problems. But they have come down in price, and is looking real good to me.
I have other problems too. Most of the time I have to hit an icon or button twice to get something to happen. It is horribly slow. This was given to me brand new for a band I was in, so I can't complain too much. _________________ Carter D10 8p/8k, Dekley S10 3p/4k C6 setup,Regal RD40 Dobro, Recording King Professional Dobro, NV400, NV112,Ibanez Gio guitar, Epiphone SG Special (open E slide guitar) . Playing for 54 years and still counting. |
|
|
|
Dave Potter
From: Texas
|
Posted 25 Apr 2017 2:48 pm
|
|
Richard Sinkler wrote: |
If it was something planted into the hardware of our iPads, I will go to an Android tablet, which I'm sure has it's share of problems. |
I don't want to get into an Andoid/Apple issue here. But we've been Android forever with our mobile devices - I've always considered the iOS mystique to be overblown and overpriced. Android has served us well for many years. And obviously, we're not alone in that, given its success in the market.
If you decide to switch, you won't be sorry. Obviously, Android's not immune from malware threats either. But the OS is well done and user-friendly. You would probably enjoy it. |
|
|
|