Ransomware posing as an FBI notice targets OS X users

Ransomware posing as an FBI notice targets OS X users

Malwarebytes Unpacked is reporting that cyber-criminals looking to make a quick buck have begun targeting unsuspecting OS X users by hijacking their web browser and posting a warning message purporting to be from the FBI.

The fake message casts a wide net and alerts users that their computer has been locked down because they’ve either downloaded copyrighted content, viewed illegal pornographic content or have unknowingly fallen prey to malware.

The “FBI Notice” then informs users that they can unlock their computer for US$300, payable, of course, via a GreenDot MoneyPak card. The report notes that the ransomware appears when a user queries a search engine using popular search terms.

Even if users recognize the alert as being nothing more than an underhanded scam (the shady URL pictured above certainly gives it away), attempting to exit the “FBI” page is fruitless as a warning message reappears time and time again when a user attempts to leave.

Ransomware posing as an FBI notice targets OS X users

What’s more, if you force quit Safari, the ransomware will re-appear on account of Safari’s “restore from crash” feature.

Users, however, can skirt around the “restore from crash” feature by either resetting Safari, or perhaps more simply, restarting Safari while holding down the Shift key.

Notably, Malwarebytes Unpacked says the ransomware affects other browsers on OS X as well.

Video of the ransomware in action can be seen below.

Ransomware posing as an FBI notice targets OS X users originally appeared on TUAW – The Unofficial Apple Weblog on Tue, 16 Jul 2013 15:30:00 EST. Please see our terms for use of feeds.

Source