FBI-themed ransomware now affecting OS X users

Jul 15, 2013

Everyone has had to deal with malware of some sort at one point or another, and some have been unlucky enough to come across the FBI-themed "ransomware" variety, which presents itself as a government notice threatening criminal charges should one refuse to pay a fine. This kind of malware has typically been the domain of Windows users, but it has now made its way to OS X.

The information comes from Malwarebytes, an anti-malware company. According to the rundown it has provided, the FBI ransomware presents users with a page that, at a quick glance, looks official enough: the URL starts with fbi.gov.id, and the page carries the real FBI logo, as well as a fake logo stating that "The FBI" cyber department has targeted the user.

The trojan targets users by using the "restore from crash" feature in the browser, which prevents the user from getting rid of the page. Attempting to close the tab results in a popup stating "YOUR BROWSER HAS BEEN LOCKED. All PC data will be detained and criminal procedures will be initiated against you if the fine will not be paid." The "fine" in question? $300.

Aside from the threats of criminal procedures and other such nonsense, the ransomware tries to scare the user into paying by listing specific criminal activities it accuses the user of committing, such as violating copyright laws regarding music, video, and software, as well as viewing "prohibited pornographic content."

Forcing Safari to quit won't do the user any good, since the ransomware page reappears the next time the browser is fired up. Fortunately, the issue is pretty easy to get rid of by simply resetting Safari, which can be done by clicking "Safari" in the menu. All of the items under the reset options must be checked.

SOURCE: Malwarebytes

