FBI scam hits Apple
Posted by: Timothy Weaver on 07/18/2013 02:32 PM
Hackers have brewed up an FBI-themed ransomware scam aimed at Apple users that relies on malicious JavaScript code rather than a conventional trojan.
The scam prompted a warning from the FBI-backed Internet Crime Complaint Centre on Thursday, and a denial that it was anything to do with the Feds.
Jerome Segura, a senior security researcher at Malwarebytes, came across the scam via a Bing Images search for Taylor Swift. This search led to a compromised site hosting an image mimicking police warnings.
The scam uses clever persistent JavaScript in its attempt to trick people into paying a supposed fine of $300 to "unlock their computers". Prospective marks are falsely told this is a "release fee" to avoid further legal consequences after they were supposedly caught "viewing or distributing prohibited pornographic content".
"Repeated attempts to close the page will only lead to frustration as even the 'Leave Page' browser trick does not work," Segura explains in a blog post. "If you 'force quit' the application, the same ransomware page will come back the next time [you] restart Safari because of the 'restore from crash' feature which loads back the last URL visited before the browser was quit unexpectedly."
Users trapped in this vicious circle can escape by resetting Safari, he adds.
"This scam is unfortunately all too efficient and is not going away anytime soon," Segura warns. The company has posted a video tutorial on YouTube about how to remove the FBI ransomware on Mac OS X machines.