about://(null) popup?

ios

Solution 1:

Since I got the popup in iOS Simulator, I was able to use Safari's Develop menu to inspect the page. From there it was just an exercise in rooting around to find the obfuscated JavaScript, which, when run through jsbeautifier.org (which has the side effect of de-obfuscating it), looks like this:

var m = ['iphone', 'ipod', 'ipad', 'android'],
    u = navigator['userAgent']['toLowerCase']();
for (var d = 0; d < m['length']; d++) {
    if (u['indexOf'](m[d]) != -1) {
        if (confirm('Why you no play Candy Crush!!')) {
            window['top']['location'] = document['getElementById']('creative')['href'];
            break;
        };
    };
};

I think it's pretty safe to say that this is indeed a rogue ad, since on the page where I saw it, the ad itself was blank. It's trying to get you to click through to a link.

So, in other words, it's a real pain in the buttocks, but probably not actual malware. The ad in question is apparently delivered by AdMax by NEXAGE, so I'll see what I can do about alerting them.

Related

How do I correctly set strictly only one desktop?
Change the Option+R/L shortcuts to Control+R/L
MacBook Pro 15" 2011 - missing audio device (no sound driver)
Apache VirtualDocumentRoot, MAMP, .local domain & xip.io?
Is the iPhone 6 waterproof or water-resistant?
Is it worth getting a 4k monitor for a late-2012 13" MacBook Pro with Retina display?
Thunderbolt vs DisplayPort
Simple text editor that supports highlighting and font colours
How to make a bootable USB drive from Install OS X El Capitan.app? [duplicate]
Advice on securely removing malware
Can MacFusion be used under Mountain Lion?
Crashed when creating a partition - now missing drive space!