Slashdot Mirror

← Back to Stories (view on slashdot.org)

OS X Malware Demands $300 FBI Fine For Viewing, Distributing Porn

Posted by timothy on from the receipt-is-useless dept.

An anonymous reader writes "A new piece of malware is targeting OS X to extort money from victims by accusing them of illegally accessing pornography. Ransomware typically uses claims of breaking the law and names law enforcement (such as the CIA or FBI) to scare victims, but it is usually aimed at Windows users, not Mac users. The security firm Malwarebytes first spotted this latest threat, noting that criminals have ported the ransomware scheme to OS X and are even exploiting a Safari-specific feature. The ransomware page in question gets pushed onto unsuspecting users browsing high-trafficked sites as well as when searching for popular keywords."

7 of 173 comments (clear)

  1. Malware by AlreadyStarted · · Score: 5, Informative

    Is this really malware? It's just a webpage with annoying javascript...

  2. Re:Ok? by SSpade · · Score: 5, Informative

    It's not malware. It's just a webpage.

    Gullibility isn't OS-specific.

  3. No, still pretty invulnerable... by SuperKendall · · Score: 4, Informative

    No product is totally invulnerable. But it's a simple fact that an OSX user can go a long, long time before ever seeing a virus or malware.

    That said - this is not an example of the OS being vulnerable, the whole "malware" is Javascript that takes over Safari a bit, basically a hacked website. I'm not even sure if it works if you have popup blocking on. The computer is never compromised.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  4. Re:Not malware by 93+Escort+Wagon · · Score: 4, Informative

    Hold down "Shift" when you re-launch Safari - that'll solve that problem.

    --
    #DeleteChrome
  5. Does not appear to be Safari-specific by sootman · · Score: 3, Informative

    It takes advantage of Safari's "restore last window" feature, which is optional (though on by default in some versions) and also available in Firefox and Chrome (and possibly also on by default in some versions.)

    And the OS X version is limited to a browser, as opposed to the Windows versions (which I've seen) which lock you out of the whole OS and can be VERY hard to get around.

    The author's suggestion is to reset Safari (as in, clear cache, remove cookies, etc.) but wouldn't you also just be able to turn off the "restore session" option and then force-quit and relaunch? Also, you could relaunch, and press 'escape' or 'command-period' repeatedly to keep the page from loading.

    --
    Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
  6. Re:Ok? by Rosyna · · Score: 5, Informative

    there's no payload and no exploit involved. it's just a webpage that opens another webpage when you try to close it.

  7. Re:Ok? by Gr8Apes · · Score: 4, Informative

    and easy enough to kill by disabling JS

    --
    The cesspool just got a check and balance.