Slashdot Mirror

← Back to Stories (view on slashdot.org)

OS X Malware Demands $300 FBI Fine For Viewing, Distributing Porn

Posted by timothy on from the receipt-is-useless dept.

An anonymous reader writes "A new piece of malware is targeting OS X to extort money from victims by accusing them of illegally accessing pornography. Ransomware typically uses claims of breaking the law and names law enforcement (such as the CIA or FBI) to scare victims, but it is usually aimed at Windows users, not Mac users. The security firm Malwarebytes first spotted this latest threat, noting that criminals have ported the ransomware scheme to OS X and are even exploiting a Safari-specific feature. The ransomware page in question gets pushed onto unsuspecting users browsing high-trafficked sites as well as when searching for popular keywords."

17 of 173 comments (clear)

  1. Ok? by i+kan+reed · · Score: 4, Insightful

    I thought we were past the "being surprised that apple products get malware" stage years ago. This seems like a pretty run-of-the-mill scam. I can't really see what's notable about it. Someone help?

    1. Re:Ok? by SSpade · · Score: 5, Informative

      It's not malware. It's just a webpage.

      Gullibility isn't OS-specific.

    2. Re:Ok? by Anonymous Coward · · Score: 3, Funny

      Don't let the patent office hear that.

    3. Re:Ok? by Rosyna · · Score: 5, Informative

      there's no payload and no exploit involved. it's just a webpage that opens another webpage when you try to close it.

    4. Re:Ok? by fazey · · Score: 4, Insightful

      So how is this "mac specific" or an "exploit"... and not just... a popup?

    5. Re:Ok? by Gr8Apes · · Score: 4, Informative

      and easy enough to kill by disabling JS

      --
      The cesspool just got a check and balance.
  2. Malware by AlreadyStarted · · Score: 5, Informative

    Is this really malware? It's just a webpage with annoying javascript...

  3. Re:Not so Invulnerable now, huh...? by MachineShedFred · · Score: 5, Funny

    This isn't malware. It's a javascript on a web page.

    Calling this malware is like calling a firecracker a weapon of mass destruction.

    --
    Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  4. No, still pretty invulnerable... by SuperKendall · · Score: 4, Informative

    No product is totally invulnerable. But it's a simple fact that an OSX user can go a long, long time before ever seeing a virus or malware.

    That said - this is not an example of the OS being vulnerable, the whole "malware" is Javascript that takes over Safari a bit, basically a hacked website. I'm not even sure if it works if you have popup blocking on. The computer is never compromised.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  5. FTFY by SuperKendall · · Score: 3, Insightful

    I thought we were past the "being surprised that websites get hacked" years ago.

    This is not malware, it's a hacked site with annoying javascript. The only news here is how desperate some people are to show that OSX is vulnerable to malware - even when the malware never is installed on the system...

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:FTFY by jimicus · · Score: 3, Insightful

      It is malware, it's just not running from a platform usually used for such things.

      True, but the important point is the platform in question is not OS X and it is somewhat disingenuous to pretend it is. The platform is "any web browser that automatically reloads the last visited site if you force it to quit".

    2. Re:FTFY by SuperKendall · · Score: 3, Interesting

      No, I am saying OS X is much LESS vulnerable to malware, and that some people are desperate to make it SEEM as though OS X gets malware to the same extent PC's do even when facts do not bear that out.

      So desperate in fact, that they jump the gun and claim a Javascript hack is the same as system level malware... all because they didn't simply try to look at the facts at what it was, just react to the presence of "OSX" in the headline.

      --
      "There is more worth loving than we have strength to love." - Brian Jay Stanley
  6. Not a virus, how does your foot taste? by raymorris · · Score: 4, Insightful

    How does that foot in your mouth taste? It's not a virus, and not OSX specific - it's just a web page with some annoying Javascript.

  7. Re:Not so Invulnerable now, huh...? by 93+Escort+Wagon · · Score: 4, Funny

    Just a rouge website with some crafty Javascript!

    What does the color of the web page have to do with anything?

    --
    #DeleteChrome
  8. Re:Not malware by 93+Escort+Wagon · · Score: 4, Informative

    Hold down "Shift" when you re-launch Safari - that'll solve that problem.

    --
    #DeleteChrome
  9. Does not appear to be Safari-specific by sootman · · Score: 3, Informative

    It takes advantage of Safari's "restore last window" feature, which is optional (though on by default in some versions) and also available in Firefox and Chrome (and possibly also on by default in some versions.)

    And the OS X version is limited to a browser, as opposed to the Windows versions (which I've seen) which lock you out of the whole OS and can be VERY hard to get around.

    The author's suggestion is to reset Safari (as in, clear cache, remove cookies, etc.) but wouldn't you also just be able to turn off the "restore session" option and then force-quit and relaunch? Also, you could relaunch, and press 'escape' or 'command-period' repeatedly to keep the page from loading.

    --
    Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
  10. Re:makes sense by 93+Escort+Wagon · · Score: 3, Insightful

    Still bitter about that Mac user stealing your girlfriend, I see...

    --
    #DeleteChrome