Jump to content

website with pop-up scam is not blocked


Recommended Posts

I would like to point out that, on iOS 12.2, with Malwarebytes beta 1.3.3 protection, opening the site

https://www.iphoneitalia.com/

, which never happened until an hour ago, is redirected to link simular to this and appear  repeatedly the following pop-ups of which I attach the screenshots, despite the active block in the Safari settings.

http://bestlucky.site/prize/it-lucky/lp1.php?c=2jz2q4gfz3cz0&k=69275d645cfcbde52ba80374fc5a0f8b&country_code=IT&country_name=Italy&region=Piemonte&city=Turin&isp=Telecom%20Italia&lang=it&os=iOS&osv=12&browser=Safari&browserv=&brand=Apple&model=iPhone&marketing_name=iPhone&tablet=2&rheight=0&rwidth=0

thanks1C8C5E52-5DED-4F81-B2B1-7A1795EC345E.thumb.png.33043d50d30599c156fd94f88a7b24f5.png69B6FC2F-AC2B-421B-892B-5A0EF2227AC3.thumb.png.645f15afea9d4bbd461adfd32095029e.pngEEE70C81-ABDA-4913-83FF-65246A7BE84F.thumb.png.0dc83b8437bb5017874c1963300b6a7f.png

I also attach Malwarebytes version screenshots

43CBAD56-181F-40EF-9907-B6E7D7F28C6D.thumb.jpeg.96e581e3a258bc37b10300cbbc5302e5.jpeg

 

Edited by AdvancedSetup
removed live hyperlink
Link to post
Share on other sites

Not seeing that at all here. Must be a malvertised ad. What other ad blocker are you using?

Edited by alvarnell
Link to post
Share on other sites

A malicious or nefarious URL may alter content due to the User-Agent but the site in question would be considered for blocking by all applications.

It is possible that there is ad-rotation or random display in-action here.  It is also possible that a malicious URL may require a malvertiser referral, may be dependent upon GeoIP, may only show malicious or nefarious content once per IP, may be dynamically generated and not static and other variables.

Link to post
Share on other sites

9 hours ago, David H. Lipman said:

A malicious or nefarious URL may alter content due to the User-Agent but the site in question would be considered for blocking by all applications.

The reason I asked is that the database for Chrome and Firefox beta extensions are managed completely separately from the one used by Malwarebytes 3, so it there's a fair bit of confusion on where to report issues.

Link to post
Share on other sites

Whether or not a possibly malicious and/or nefarious URLs is presently not being blocked is not an issue with a given product.  If they are not blocked, they should be submitted in;  Newest IP or URL Threats .  Malwarebytes' personnel will determine how each product will implement a block on that site if it is warranted.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.