Brand New iPhone Security Bug – Krampus-3PC Malware Campaign. What Do You Need To Know?

Catherine Harris

By Catherine Harris


Luckily, for most of the time, having an iPhone is a pretty safe bet in terms of cybersecurity. Apple does a decent job of staying on top of updates and ensuring that security systems are as effective as possible.

However, this doesn’t mean that users are protected 100% of the time from 100% of threats. That would be almost impossible. Unfortunately, bugs rear their heads from time-to-time and start to cause some problems with iPhone users.

One such bug was recently announced as an ‘iPhone only’ exploit dubbed Krampus-3PC Malware. So, what does that mean? Well, let’s dig into it and find out.

Award-winning spyware detection

Combat spyware and other cyber threats with Certo AntiSpy, the world's leading anti-spyware tool for iPhones.

What is the Krampus-3PC Malware Campaign?

The Krampus campaign has arrived just in time for the holidays, which is where it earned its oh-so-festive title. And much like the mythical creature from which it owes its nickname, it seems that this malware is here to try and put a dampener on celebrations.

The main aim, it seems, of this malware campaign is to hijack user devices and then try to gain access to any personal accounts it can – such as bank accounts, email accounts, etc.

The way it was delivered was via a method known as a “badvert” or “malvertising” attack, reports The Media Trust DSO. This is where a website is unknowingly serving up malicious advertising coming from a legitimate advertising vendor. Once a user taps this ad in their browser, they are overrun with malicious scripts from the malware, which takes hold of their device.

From there it can access any accounts that are open in any other tabs on the device.

Should You Be Worried?

Well, even though it hasn’t been reported which advertising vendor supplied the malicious ads, or which websites unwittingly published them, it’s thought that the user behind the attacks has now been banned from the platform.

However, that doesn’t mean that a similar attack won’t happen in the future. In fact, it’s likely that another attack will happen – since the group behind the attack will likely want to utilise the advanced technology that has been shown to exist in this case.

Until then, it’s crucial that you remain sceptical about tapping on popups from any website when using your smartphone, but particularly those showing advertising (as opposed to simple popups for newsletter signups, etc.).

Another precaution you can take is to ensure that your iPhone is free from any malware or spyware, by using Certo AntiSpy. With our proprietary technology, you can easily and quickly see any potential spyware threats on your device. On top of this, you can also find out extra information such as if you’ve been hacked, or if your device has been jailbroken without your knowledge, allowing remote access to a third-party.