Ransomware is a type of malware that attempts to extort money from a computer user by infecting and taking control of the victim's machine, or the files or documents stored on it. This kind of malware has typically been the domain of Windows users, but has made its way to OS X.
A new piece of FBI themed Ransomware Malware is targeting Mac OS X and hijacking the user's browser with a notice demanding payment of $300 in order to release control of the application and accusing them of illegally accessing pornography.
The address bar shows a URL clearly trying to fool users - fbi.gov.id657546456-3999456674.k8381.com and the warnings appearing to be from the FBI tell the victim: "you have been viewing or distributing prohibited Pornographic content.. To unlock your computer and to avoid other legal consequences, you are obligated to pay a release fee of $300."
According to Malwarebytes, ransomware page is being pushed onto unsuspecting users browsing regular sites but in particular when searching for popular keywords.
The trojan targets the users by using the "restore from crash" feature in the browser, which prevents the user from getting rid of the page. Rather than a sophisticated hijack of the actual browser software or an installation of a trojan, the ransomware is merely a simple webpage using JavaScript to load 150 iframes that require confirmation to be dismissed.
Attempting to close the tab results in a popup stating "YOUR BROWSER HAS BEEN LOCKED." To get rid of such malware page, Click on the Safari menu and then choose "Reset Safari". Make sure all items are marked and hit the Reset button.
Attempting to close the tab results in a popup stating "YOUR BROWSER HAS BEEN LOCKED." To get rid of such malware page, Click on the Safari menu and then choose "Reset Safari". Make sure all items are marked and hit the Reset button.