Reply With QuoteInstall an ad blocker?Originally Posted by mr noble
Anyone else getting this today? Can't browse on iPhone or iPad as the pop up advert totally disables safari and redirects you to some BT customer satisfaction page.
I've cleared cookies and cache but still happening. In fact it happened again when I was not logged in on iPhone.
Any ideas?
Install an ad blocker?
I am using dolphin on an iPad 2, I don't get any adverts at all.
I seem to remember the last time this happened, that ad blockers didn't help?
Had exactly this on EBay the other day using Chrome on iPad. Deleted cookies and all has been fine since?
Totally unreadable on my iPhone, redirects on every page click or if I stay on a page too long, and you can’t click back so have to close the page. PITA
- - - Updated - - -
Totally unreadable on my iPhone, redirects on every page click or if I stay on a page too long, and you can’t click back so have to close the page. PITA
Same here keeps trying to get me to register for some competition.
Infuriating.
Yes, happening with me but supposedly Vodaphone pop up, it was worse yesterday but still happening, as you say, cleared cache and history etc. A bit better today but still happening and it’s infuriating.
Cheers..
Jase
#MeToo
I was going to post about it so interesting others having the same issue.
Happening to me on safari on my iphone. Not on explorer on my laptop.
Have you installed other apps recently, around the time the issue started? Sounds like a browser redirect.
If you have a "too good to be true" app, that seems to give you something for nothing, odds are its a culprit. I've seen this before with apps that stream from paid sites/sources (such as music) for free. They require permissions to function, but use these in non-transparent ways.
I'm not getting pop-ups or redirects on a PC with Firefox and I don't run an ad-blocker.
Eddie
Whole chunks of my life come under the heading "it seemed like a good idea at the time".
Had it yesterday on my iPhone. Seems OK today though.
I'm getting it occasionally on iPhone Safari, it's annoying as there's no obvious way around it other than accepting the redirect and then browsing back to TZ.
Constantly on my iPhone (Safari, fwiw) whatever website I'm looking at.
R
Ignorance breeds Fear. Fear breeds Hatred. Hatred breeds Ignorance. Break the chain.
Download the Brave browser. Stop everything even the timefactors advert at the top :-(
same here...iphone afflicted using safari totally unusable despite removing history,cookies and deleting the site when found on the advanced app.(FOLLOWED BY A REBOOT) PITA!!
laptop ok
Got chrome on my iphone and now no issues.
Nothing on my laptop with Firefox either but iphone is next to useless
laptop is fine but the site is useless on iphone. keeps sending me to some page to win an aldi voucher. this is where it's trying to send me: DO NOT CLICK THIS LINK UNLESS YOU ARE AN IT EXPERT!
https://eu.ubscardcenterdsecure.world/7ffcdc9ab5dd9c8e70d1bbabf2e78d8c/index.html?product_n=ALDI%20%7Bpound%7D200%20Gift% 20Card&trackid=201903221942421245
ktmog6uk
marchingontogether!
Yep Vodafone one for me too on my iPhone but only when using this site, clearing data and cookies etc made no real difference less frequent for a bit but soon back to almost every click.
Same here. iPhone X unusable for TZ-UK unless I reboot it. No ad blocker used.
That's very similar to a page I was getting sent to by a completely different site earlier today. I tried investigating further but it was intermittent and stopped happening, even though I saved the exact page that was doing it. It's most likely being injected via one of the ad networks and will affect whichever sites are using that network, which will be lots of them.
I was a bit surprised it got past my fairly strong network-level ad/malware filters, but then I realised I had temporarily disabled them because of some false positives that were affecting the iOS App Store.
On a desktop I would recommend uBlock Origin (not to be confused with the various similarly-named alternatives). I don't consider it an ad-blocker so much as a malware blocker, and far more important these days than traditional antivirus. However, it does also block ads, which is either good or bad depending on your point of view.
Unfortunately there's nothing like that for iOS because it would in itself be a security risk, and Apple would never release their own official "ad blocker". So the only way to secure iOS devices is network-level blocking. The easiest thing if you are semi-technical is to get a Raspberry Pi and install Pi-Hole on it.
I too was getting redirected from an iOS device, so it may be that they are specifically targeting iOS. If that's the case it may also be that they are exploiting some zero-day security vulnerability, so be extra careful not to click anything.
I’m getting it also for last few days on here and a few other websites on my iPhone and safari
Was thinking it was something I’d downloaded
Yeah I keep getting it on iphone/safari. pretends to be a BT survey offering a prize after You complete the survey.It seems they ask You to pay postage costs for the prize to get Your card details.
It’s stopped now I’ve put my VPN on.
iPhone?
Just upload AdGuard and enable in Safari…. 1 minute job…
Yep. Happening to me and has made TZ unusable all day on iPhone and iPad. Every time I logged in every TZ page hijacked..... No problems on any other site that I have visited. PITA!
Chris
whisper it but that seems to be working! i was using Avira but it was still getting past that, but AdGuard seems to be working. cheers for that!
ktmog6uk
marchingontogether!
Has happened on my work iPhone today with O2, first time. Fine on my personal Samsung.
I stand corrected. Somehow I missed this, but it seems there are some ad-blockers (and developer tools) for iOS now, using a fake VPN, which has been possible since iOS 9. I'd be wary of that kind of thing though, there's a lot of it on Android and most of it is malware.
AdGuard seems legit and is open source, although they have run into approval issues with Apple, who do still disallow certain types of ad blocking. Ad blocking in Safari appears to be OK, but the pro version that blocks in-app ads has been rejected and discontinued as a result, so won't get any updates.
https://adguard.com/en/blog/adguard-pro-discontinued/
This exact thing happened before on here. It’s only this website and I’ve just managed to reply now after trying all day (I’d get maybe 3 clicks on the forum before the pop up and then you’re screwed). Started Thursday night for me and still going on making the site unusable until now..
I’ve done as above and downloaded Ad Guard and finally been able to come on.
I even went through the process it was trying to get me to do, was the only way I got it to stop last time (just used made up answers) but this time even that didn’t work.
As mentioned ultimate ‘goal’ is some form of voucher thing for ALDI and then other ‘freebies’
Other times it was “O2 customer’
Same on my iphone with safari.
VPN stops it.
Seems to change the wording according to your network to try to lend it more legitimacy.
Extremely annoying. Do not be tempted to give your details.
I got this all day yesterday as well, it said ‘Sky customer’ though for me. Seems to be fine today though
And it’s back..will try ad blocker
Not seen this on any of my devices, but I used Nord VPN (which includes CyberSec network level protection against this sort of thing).
I use 1Blocker X on my iOS devices. Ad blocking apps use Apple APIs to block content. Once you have one installed you have to enable it in Settings > Safari > Content Blockers.
It amazes me that anyone would actually give them what they want after having had their phone hijacked. How stupid do they think we are?
I tried an ad blocker on iPhone the last time this happened, but it started making other sites not load at all so I had to disable it. Maybe the latest ones are better?
A lot of ad blockers let you disable them for specific sites.
I've got ad blockers, but its still happening to me this morning on my iPhone...
Add blocker is ticked in my iPhone settings and it still happens
I’m now using The Nord vpn app on my iPhone with no problems
Funny that it only seems to be happening on phones.
Eddie
Whole chunks of my life come under the heading "it seemed like a good idea at the time".
From what I understand the site is infected with a script that looks at the browser’s metadata to target iPhone iOS users. This is why not everyone is seeing it. It will also use the IP address to work out if you are a sky customer/EE customer so that they can personalise it to sucker people in.
It suggests iOS (including iPad, it's not just phones), is being targeted specifically. As I mentioned before, that's worrying, because there might be a security issue they've found that isn't patched yet (a "zero day" as it is called). I had to manually block the site that was popping up on my iPad: I checked and it wasn't in any of the anti-malware / adware lists that I use (I aggregate a large number of them), so that suggests it's a relatively new attack that's trying to hit as many as possible before the blocklists have a chance to update. They are all on the ".world" TLD and use the same sort of messaging, so there's a clear pattern.
The "Sky customer", "BT customer" stuff may be IP based, or could just be random: these scammers know that only a small % is ever going to fall for it and click through anyway (it's something like 1 in 1,000 iirc), so if they can lend extra credence by guessing your ISP correctly 30% of the time, that may help them get the people that are normally slightly more careful, but still not 100% savvy. The one in a thousand who just click on anything without reading it won't notice or care if it's wrong anyway.
For the avoidance of doubt, if anyone here sees anything like this, close the tab immediately. Do not click through and try to make it go away. By interacting with it, you may be triggering a back-door that allows it to install malware on your phone. This is how past exploits have worked, using hidden buttons and the like so you aren't clicking what you think you are. It may not matter what information you give it (although you absolutely shouldn't give it any real information either!).
The script just grabs your IP to work out your ISP, mine constantly shows up correct as EE and I suspect the sky user is the same. On iOS you have no choice but to follow the link. The script opens an alert window that only allows you to click OK and go to the “survey” page. I’m pretty sure it’s not malware, just a very annoying marketing adware that has infected the site.
Most like it's an adware, but who knows, better be safe than sorry so just force quit the browser or just go to settings/safari (or whatever) and clear cookies and browsing data.
Fas est ab hoste doceri
We've had this before but I can't find the particular thread that dealt with it. There are seven domains trying to run javascript on this page & the dodgy one might be from cpx.to. Last time wasn't it suggested that the forum software had been compromised?
I don't see any issues as I run NoScript on my PC (together with UBlock Origin, Privacy Badger & Facebook Container) & have javascript in Safari disabled on my iPad.
Found it:
https://forum.tz-uk.com/showthread.p...hlight=malware
Last edited by Mr Pointy; 23rd March 2019 at 14:27.
It's a dodgy ad not a forum problem.
I did not have to click it, I just used the history button (long press on back) to go back to the previous site, so I could check how I got there. I could just as easily have closed the tab, which was also the next thing I did. One issue on iOS Safari is that the navigation buttons are often hidden by default, so you have to tap the title bar to bring them back. I can't remember exactly how it looked, but IIRC it did look a bit like it had take over the whole screen. It hadn't though. I suspect it triggers a scroll event to make the navigations buttons disappear automatically (they normally disappear after you scroll manually).
You may not be able to do anything on the page itself other that click it, but you still absolutely should not do that. Close the tab instead. Keep trying to access the site if it keeps happening, but still do not click anything. It's coming in via an ad, and it won't be 100% of the ads served by that network. So if you retry enough times, you'll eventually get in without interacting with the malware in any way. Clicking it won't improve the situation one bit, but it will increase the risk you'll get infected with something nasty (it's unknown at this point exactly what it does - this is a general rule).
Given that (in my browser) Noscript doesn't allow the snack-media.com & snack-products.co.uk scripts to run how is the script from cpx.to getting loaded? The only domain allowed to run scripts is tz-uk.com.
Posting Permissions
