OS X Users Hit by Ransomware Websites Posing as FBI Notices

Malwarebytes takes a look at a method cyber-criminals have begun using to target Mac users with "ransomware", hijacking the user's browser with a notice demanding payment of $300 in order to release control of the application. While similar malware has affected Windows systems for a number of years, Mac users have only rarely seen such efforts targeted at themselves.

The ransomware page is being pushed onto unsuspecting users browsing regular sites but in particular when searching for popular keywords.

Warnings appearing to be from the FBI tell the victim: “you have been viewing or distributing prohibited Pornographic content.. To unlock your computer and to avoid other legal consequences, you are obligated to pay a release fee of $300.”

safari_fbi_ransomware
Rather than a sophisticated hijack of the actual browser software or an installation of a trojan, the ransomware is merely a simple webpage using JavaScript to load 150 iframes that require confirmation to be dismissed, with the authors hoping that users will give up long before they dismiss all of the dialog boxes and simply pay the ransom. As the report notes, a feature on OS X that reopens previously open windows after relaunching an app means that users generally can not simply close and reopen Safari in order to escape the ransomware.

The report details one method to escape the ransomware involving resetting Safari, but misses a far simpler tactic: Simply holding down the Shift key while relaunching Safari will prevent it from reopening windows and tabs from the previous session. Users can also completely disable the reopening feature across OS X from the General pane of System Preferences. Many OS X users may, however, be unfamiliar with such options and find themselves trapped by the ransomware webpage.


The report notes that the ransomware authors are targeting users based on popular search terms, with one example stumbled upon through an image search result for Taylor Swift on Bing.

Top Rated Comments

TsunamiTheClown Avatar
117 months ago
I have paid this ransom like 3 times today and still no sense of absolution.
Score: 46 Votes (Like | Disagree)
primalman Avatar
117 months ago
Who falls for a thing that says its the FBI and to pay a fine you use gas station money cards? Really?
Score: 46 Votes (Like | Disagree)
Tiger8 Avatar
117 months ago
Only real stupid people would fall for that.

Unfortunately...


This is America so I wouldn't be surprised.

Why do you make such generalizations? Not everyone is computer Savy, there are some people in their 60s and 70s who 'barely' get by browsing the internet and checking email, and yea they bought Mac because it's easy. They are not real stupid, they are not dumb, they just don't know enough to know it's fake.
Score: 17 Votes (Like | Disagree)
TMRaven Avatar
117 months ago
If the fbi finds out you're distributing child porn you're going to jail, not paying 300 dollars. Hahaha.
Score: 16 Votes (Like | Disagree)
chumawumba Avatar
117 months ago
Only real stupid people would fall for that.

Unfortunately...


This is America so I wouldn't be surprised.
Score: 14 Votes (Like | Disagree)
ravenvii Avatar
117 months ago
Who falls for a thing that says its the FBI and to pay a fine you use gas station money cards? Really?

You'd be surprised.
Score: 14 Votes (Like | Disagree)

Popular Stories

top stories 2jul2022

Top Stories: M2 MacBook Air Release Date, New HomePod Rumor, and More

Saturday July 2, 2022 6:00 am PDT by
The M2 MacBook Pro has started making its way into customers' hands and we're learning more about how it performs in a variety of situations, but all eyes are really on the upcoming M2 MacBook Air which has seen a complete redesign and should be arriving in a couple of weeks. Other top stories this week included a host of product rumors including additional M2 and even M3 Macs, an updated...
Mac Studio IO

Apple Begins Selling Refurbished Mac Studio Models

Thursday June 30, 2022 7:42 pm PDT by
Apple today began selling refurbished Mac Studio models for the first time in the United States, Canada, and select European countries, such as Belgium, Germany, Ireland, Spain, Switzerland, the Netherlands, and the United Kingdom. In the United States, two refurbished Mac Studio configurations are currently available, including one with the M1 Max chip (10-core CPU and 24-core GPU) for...
macbook air m2

Exclusive: Apple Plans to Launch MacBook Air With M2 Chip on July 15

Wednesday June 29, 2022 5:23 pm PDT by
The redesigned MacBook Air with the all-new M2 Apple silicon chip will be available for customers starting Friday, July 15, MacRumors has learned from a retail source. The new MacBook Air was announced and previewed during WWDC earlier this month, with Apple stating availability will begin in July. The MacBook Air features a redesigned body that is thinner and lighter than the previous...
13 inch macbook pro m2 mock feature 2

M2 MacBook Pro Much Slower Than Previous Model

Friday July 1, 2022 2:24 am PDT by
Apple's new 13-inch MacBook Pro with the M2 chip features a significantly slower SSD compared to the previous model, resulting in poorer performance in some workflows, it has been discovered. Specifically, it has been found that the $1,299 base model with 256GB of storage has significantly slower SSD read and write speeds compared to the equivalent previous-generation 13-inch MacBook Pro....