Three Ways to Fix a Safari Browser Hijack in iOS 11

4 minute read
| How-To

There’s a particularly nefarious form of hijackware that can take over Safari in iOS. Fortunately, there are three fairly easy ways to solve an iOS browser hijack (also called a Safari hijack): clearing your cache, disabling JavaScript, and using an external link to force open a new window or tab. I’ll explain each of these methods below.

You can skip to the instructions if you don’t want the description first.

Safari Hijack in iOS

A browser hijack, or safari hijack, is when a malicious webpage—or more likely, a malicious ad on an otherwise legitimate webpage—takes over your browser. There are a few different versions of this. One variant puts a dialog box on your screen asking you to call a phone number, like in the screenshot below.

WARNING: NEVER CALL A PHONE NUMBER LIKE THIS—IT’S A SCAM BY BOTTOM FEEDING SCUMBAGS TRYING TO TRICK YOU INTO GIVING THEM YOUR CREDIT CARD INFO!

Screenshot of a browser hijack in iOS 11

Screenshot of a browser hijack in iOS 11

The way this one worked was that you couldn’t cancel or otherwise dismiss the dialog box. And see how it looks all official, like it’s something form Apple? It isn’t. Instead, it’s JavaScript shenanigans whose only goal is to get you to call the thieves and hand over personal data, credit card info, and sometimes remote access to your device.

So, as the warning says, don’t fall for this, never call a number like that, and use the methods below to get around a safari hijack like this if you stumble into one.

Browser Hijack Variant

Another variation is the one I encountered below. In this version, a maliciously—or maybe just poorly—coded ad didn’t hijack my entire browser. Instead, it hijacked the webpage I was trying to visit. No matter what I did, I was rerouted to some spammy BS site when I opened Safari.

A screenshot of another browser hijack variant

Another Safari Hijack Variant

These hijacks usually aren’t the fault of the site operator, and sometimes not even the ad network they’re on. Spammers and thieves are engaged in an unrelenting effort to get their maliciously crafted ads onto ad networks, especially the automated ones. While most of those networks remove the malware ads (eventually), the bad guys are always trying to get new ones in.

Next: How to Fix a Safari Hijack in iOS 11

2
Leave a Reply

Please Login to comment
2 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
2 Comment authors
boltarLee Dronick Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
boltar
Member
boltar

Sorry but this is just the ad network being weaponized. I will make a few repeat visits to sites where this happens and notify the site, but if it persists more than a couple of visits, that’s it, I’m blacklisting you. In general this is among the reasons “we can’t have nice things”, but that is the world we live in. If ad networks can’t fix this problem quickly, it will be the well-deserved end of them.

Lee Dronick
Member
Lee Dronick

This happens to me at a few website that I regulalry visit. I will report to the webmaster who will investigate and 86 the ad, but a few days later the slimeball is at it again.

Maybe the answer would be for website to not allow advertisers to use javascript in the ads, just a simple link. It would probably speed up the page load.