Jump to content
MAXBAR1

website with pop-up scam is not blocked

Recommended Posts

I would like to point out that, on iOS 12.2, with Malwarebytes beta 1.3.3 protection, opening the site

https://www.iphoneitalia.com/

, which never happened until an hour ago, is redirected to link simular to this and appear  repeatedly the following pop-ups of which I attach the screenshots, despite the active block in the Safari settings.

http://bestlucky.site/prize/it-lucky/lp1.php?c=2jz2q4gfz3cz0&k=69275d645cfcbde52ba80374fc5a0f8b&country_code=IT&country_name=Italy&region=Piemonte&city=Turin&isp=Telecom%20Italia&lang=it&os=iOS&osv=12&browser=Safari&browserv=&brand=Apple&model=iPhone&marketing_name=iPhone&tablet=2&rheight=0&rwidth=0

thanks1C8C5E52-5DED-4F81-B2B1-7A1795EC345E.thumb.png.33043d50d30599c156fd94f88a7b24f5.png69B6FC2F-AC2B-421B-892B-5A0EF2227AC3.thumb.png.645f15afea9d4bbd461adfd32095029e.pngEEE70C81-ABDA-4913-83FF-65246A7BE84F.thumb.png.0dc83b8437bb5017874c1963300b6a7f.png

I also attach Malwarebytes version screenshots

43CBAD56-181F-40EF-9907-B6E7D7F28C6D.thumb.jpeg.96e581e3a258bc37b10300cbbc5302e5.jpeg

 

Edited by AdvancedSetup
removed live hyperlink

Share this post


Link to post
Share on other sites

Not seeing that at all here. Must be a malvertised ad. What other ad blocker are you using?

Edited by alvarnell

Share this post


Link to post
Share on other sites

I only use Malwarebytes beta solely for the protection of Safari (both Web and Ad-Block)

Share this post


Link to post
Share on other sites

the problem mysteriously seems to have disappeared;  it remains to understand why it was not blocked

Share this post


Link to post
Share on other sites

@David H. Lipman,

Is that Forum used by the iOS Beta team for their database?

@MAXBAR1,

I suspect whatever malvertising that was had moved out of the ad rotation, so was no longer causing redirects. 

Share this post


Link to post
Share on other sites

A malicious or nefarious URL may alter content due to the User-Agent but the site in question would be considered for blocking by all applications.

It is possible that there is ad-rotation or random display in-action here.  It is also possible that a malicious URL may require a malvertiser referral, may be dependent upon GeoIP, may only show malicious or nefarious content once per IP, may be dynamically generated and not static and other variables.

Share this post


Link to post
Share on other sites
9 hours ago, David H. Lipman said:

A malicious or nefarious URL may alter content due to the User-Agent but the site in question would be considered for blocking by all applications.

The reason I asked is that the database for Chrome and Firefox beta extensions are managed completely separately from the one used by Malwarebytes 3, so it there's a fair bit of confusion on where to report issues.

Share this post


Link to post
Share on other sites

Whether or not a possibly malicious and/or nefarious URLs is presently not being blocked is not an issue with a given product.  If they are not blocked, they should be submitted in;  Newest IP or URL Threats .  Malwarebytes' personnel will determine how each product will implement a block on that site if it is warranted.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.