My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


Back to the news list

Malicious script blocks browsers on iPhone, iPad and iPod touch

October 27, 2011

Doctor Web's engineers received a number of requests from iPad users who were troubled by blocking pop-up windows displayed as they visited certain sites in Safari and other browsers. Investigation into the problem revealed that pop-ups were brought up by malicious JavaScript code embedded into web-pages by criminals.

Earlier Doctor Web issued a report about a similar threat to Android devices.

As far as iOS devices are concerned, the embedded JavaScript code displayed a pop-up window on certain web-sites demanding that a user send a paid short message at the specified number to access the web-site. Pressing OK or Cancel doesn't close the pop-up and restarting the browser brings up the window again because Safari, in particular, restores the last session automatically.

Similarly to the Android issue, a solution to the iOS problem is quite simple: open the Settings applet, go to the Safari tab, select Delete cookie and data and press Clear in the pop-up window. In the same list select Clear History in order to prevent Safari from resuming the previously interrupted session. Besides, you can open a new Safari tab from any other application (e.g. choose to open an iTunes page), close the remaining tabs including the one blocked by the malicious script.

This method may not work with other browsers for iOS whose settings can only be accessed from the browser window instead of the Settings applet. If your browser doesn't allow clearing its cache with tools other than its own interface, you may need to take other measures and possibly reinstall the browser. For more detailed information refer to documentation for the respective software.

It should be noted that the malicious scripts do not read the client's user-agent and a similar window can be displayed by any JavaScript supporting browser under any OS. Addresses of web-sites containing such scripts are added to the Dr.Web parental control database and onto the list of sites that spread malware.

Tell us what you think

To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.

Other comments