The legitimate domain of Polyfill.io was misused to serve malicious code

“The malicious code dynamically generates payloads based on HTTP headers, works only on certain mobile devices, avoids detection, avoids administrative users and delays execution,” according to c/side.

Some of the JavaScript files tested included a fake Google Analytics link that redirected users to sports or pornography websites. As c/side warns, the content served can easily be changed to something more sinister, such as code that disrupts users’ browsing experience or steals their data.

Visitors to up to 100,000 websites may be vulnerable to attacks, according to c/side.
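For site owners who want to check whether their own pages load scripts from the domain, here is a small audit, added as an example and not taken from the original article or from c/side. The sample markup, the example.com page URL and the function names are constructed for illustration.

```javascript
// Added example: audit HTML for <script> tags served from polyfill.io.
// SAMPLE_HTML and PAGE_URL are constructed test data, not captured traffic.
const FLAGGED_DOMAIN = "polyfill.io";

// True when host is the flagged domain itself or one of its subdomains.
// Lookalikes such as "notpolyfill.io" or "polyfill.io.example.net" do not match.
function isFlaggedHost(host) {
  const h = host.toLowerCase().replace(/\.$/, ""); // drop a trailing root dot
  return h === FLAGGED_DOMAIN || h.endsWith("." + FLAGGED_DOMAIN);
}

// Return the absolute URL of every external script in `html` that is fetched
// from the flagged domain. `pageUrl` resolves relative and "//host/..." URLs.
function findFlaggedScripts(html, pageUrl) {
  const hits = [];
  const tagRe = /<script\b[^>]*>/gi;
  // Require whitespace before "src" so attributes like data-src are ignored.
  const srcRe = /\ssrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i;
  for (const [tag] of html.matchAll(tagRe)) {
    const m = srcRe.exec(tag);
    if (!m) continue; // inline script: nothing is fetched
    const raw = m[1] ?? m[2] ?? m[3];
    let url;
    try {
      url = new URL(raw.trim(), pageUrl);
    } catch {
      continue; // unparsable src value
    }
    if (isFlaggedHost(url.hostname)) hits.push(url.href);
  }
  return hits;
}

const PAGE_URL = "https://shop.example.com/index.html";
const SAMPLE_HTML = `
<script src="https://cdn.polyfill.io/v3/polyfill.min.js"></script>
<script async src='//POLYFILL.io/v3/polyfill.js?features=fetch'></script>
<script src="https://polyfill.io.example.net/p.js"></script>
<script src="/static/polyfill.io/app.js"></script>
<script data-src="https://polyfill.io/lazy.js">var inline = 1;</script>
`;

console.log(findFlaggedScripts(SAMPLE_HTML, PAGE_URL));
```

The check matches on the parsed hostname rather than on the raw string, so a path or lookalike host that merely contains "polyfill.io" is not reported.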

