Regarding web ads redirecting to the App Store

News
By published

We've gotten complaints about this — and experienced it ourselves — for what feels like a couple years. Something causes a web page, when opened, to immediately redirect you to the App Store, almost always to the listing for a popular game. Maybe the perpetrators are hoping you're so enticed by the game you download it even after being hijacked, so they'll get some revenue, direct or affiliate. But it deplorable and, even after a couple of years, it's unclear how and why it keeps happening.

Apple patched Safari iOS 8 in an effort to prevent just this kind of behavior from happening. It slowed things down for a while, but other methods of circumvention certainly seem to have been found. The original assumption was that it was caused by bad-actor ads inserting code to bust out of their frames and force a redirect to iTunes. Now it seems like it's more complicated than that, because it also seems to be happening on sites without any ads capable of doing that.

Jason Snell recently wrote about it on Six Colors as a follow up to Ben Mayo's post from 9to5Mac. Here's what Jason had to say:

If Mayo is seeing this behavior on Six Colors, though, we have to assume that something else is at work, such as:

  • Exploitation of a bug in Safari that puts the browser in a particular state even after it's left a page contaminated with that code
  • JavaScript firing in a different Safari tab/window, making Mayo misapply blame for the behavior
  • Interception and rewriting of page code by a carrier, ISP, or even a compromised wireless router

It could be all of the above, and more. It could be a complex attack with elements in ads, caches, browser exploits, compromised routers, bad ISPs or carriers, or bad certificates on devices.

Certainly it's the responsibility of ad brokers to make sure they never approve any ads containing any code that behaves this way, and of sites like iMore to make sure we ban anything that gets through. It's still a wild web out there in many ways, however, and some brokers and sites might be okay with this kind of behavior.

If it really can persist beyond the original point of contact, it might be worth checking to see if it's left anything behind. To see if you have any profiles installed on your iPhone or iPad you can't account for, go to Settings > General > Profiles (at the bottom). If you're experiencing the problem, you can also try wiping your Safari cache. That's in Settings > Safari.

We'll keep looking into it, and I'm sure others will as well, and update when we have more information.

Rene Ritchie
Rene Ritchie
Contributor

Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.

Latest in Security
iPhone 15 Plus review
Recent Apple iPhone spyware alerts could have been triggered by China-linked attacks, researchers say
Google One VPN on iPhone
Google is about to give iPhone owners a privacy and security headache as it prepares to shut down another key service
iCloud Keychain on iPad
I can finally use iCloud Keychain and ditch 1Password thanks to this key new feature
At home with 15-inch MacBook Air, on a mosaic balcony table and on a wooden floor.
Old-school Mac malware is hiding in plain sight in this productivity app
M2 Macbook Pro 13 Inch Hero
Researcher claims a key Mac security feature can be bypassed and Apple won't fix it
macOS Ventura Passkeys
The apple.com website adds passkey support, but there's a catch
Latest in News
iMore Logo
One more thing… Goodbye from iMore
Jony Ive
Jony Ive’s OpenAI hardware device could be his next world-changing design
NEBULA Cosmos 4K SE with Apple TV
This new 4K projector is tempting me to replace my LG C2 TV, just so I can watch Slow Horses on a 200-inch display
VisionOS 2 app reorganization
visionOS 2 is the first major software update for Apple Vision Pro, and now it's available
macOS Sequoia
macOS Sequoia (version 15) is now available for your Mac with some big upgrades
watchOS 11
watchOS 11 is now rolling out to all Apple Watch users with the Series 6 or newer
More about security
iPhone 15 Plus review

Recent Apple iPhone spyware alerts could have been triggered by China-linked attacks, researchers say
Google One VPN on iPhone

Google is about to give iPhone owners a privacy and security headache as it prepares to shut down another key service
iMore Logo

One more thing… Goodbye from iMore
See more latest