SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

New Malvertising Campaign Targets iOS Users with Data-Hoarding VPN

Posted on April 17, 2017

With the huge volume of ads displayed on sites across the Web today, it’s no surprise that bad actors view them as a window to reach vulnerable users. A new malvertising threat has appeared for iOS users. This time, it’s not about infecting your iOS devices directly — instead, it’s designed to coerce users into installing software that monitors and tracks their online activities. It does this by masquerading as a VPN, or virtual private network. VPNs are often useful for providing yourself with greater privacy protections while browsing online by concealing your real IP address. What happens with this particular malvertising attack, and how can users avoid it?

You may find the malicious ads appearing on popular torrent websites. After a user clicks on one of these ads, it sends them to a website that creates notifications claiming a Trojan horse infection has occurred. Worse still, the site plays a continuous, high-pitched beeping tone to encourage users to act quickly. The site claims that the user’s Safari browser has suffered a severe infection and offers an app to download as a remedy. This app, called My Mobile Secure, is a VPN in name only. Users are lead to believe they must use this app to avoid further infections.

So, what does My Mobile Secure actually do as an app? It is a front for a marketing company called MobileXpression, whose business model centers around analyzing user activity across the web. In other words, once a user creates an account in the app, MobileXpression gains access to all their Safari activity and browsing habits, as well as device information and other activity. The MobileXpression site even goes into depth to tell you that they are collecting all your activity information, so there is no illusion of privacy.  Unfortunately this is contained in the “fine print” which most users skip or don’t read.

The good news is that it’s easy to avoid this problem if you do not click on suspicious ads. Installing an ad blocker is not a bad idea in an age where more malicious advertisers hit the web every day. It’s also important to note that My Mobile Secure is not indicative of how VPNs should really work. Trustworthy VPNs only provide a secure tunnel to the Internet for you; they do not collect data on what you do with the VPN connection. If you decide to look for a VPN to help protect from threats and privacy invasions, always look for a reputable, well-known provider.

Join our mailing list for the latest security news and deals