Multiple massive malvertising attacks which targeted iOS users from the U.S. and multiple European Union countries for almost a week used a Chrome for iOS vulnerability to bypass the browser’s built-in pop-up blocker. The threat group behind the flurry of attacks used 8 individual campaigns and over 30 fake creatives throughout their push, with each of the fake ad campaigns having lifespans of between 24 and 48 hours. In total, according to Confiant researchers who discovered and monitored eGobbler’s iOS-targeted attacks, roughly 500 million users sessions were exposed to this large scale orchestrated campaign pushing fake ads.
Source: https://www.bleepingcomputer.com/news/security/malvertising-campaign-abused-chrome-to-hijack-500-million-ios-user-sessions/