Just in time for the holidays comes a malware named Krampus, the creature that punishes the bad children during the holiday season. The program is impacting iPhone users only — and actively seeking them — and appears to hijack those who visit specific online newspapers and weekly news magazines, with some based in the UK.
Discovered by The Media Trust, a U.S.-based advertising tech company, the malware brings up a popup advertising that looked like a grocery store reward spot, and asked for personal information. But instead, in the background, the program accessed a user's country and also their online cookies, which meant the hackers could also log on to online accounts of those who had been compromised. They also captured details, like someone's phone number, even if a victim didn't enter that detail into the fake pop up ad.
The malware captures cookies which lets hackers log on to users accounts
Called Krampus 3PC, the malware is particularly slithery. Once a user activated the program, Krampus 3PC could then get control of the browser, sending users to fake sites, and if there were other tabs open — like those for a bank — it could get into those accounts even during a later time, said The Media Trust.
The ad tech firm discovered the malware in October, and found it was active during that month and also November, and had traveled to other countries, not just readers in the UK. The program also managed to get around malware blockers, noted the report.
Specific publishers were not named by the The Media Trust in their report. Users who spot fake ads and popups should close their browser immediately — although by then the access may already have happened. But it goes without saying, people should never enter information about themselves into random popups that appear on their screen promising savings on their grocery bill, or frankly anywhere.