MacNN | New 'ransom' malware exploits JavaScript flaw to plague OS X users
Mac News Network View: Standard | Headlines | Categorized | Slim
Mac News Network
Mac News iPod News Reviews Forums
 

Desktop Headlines
New 'ransom' malware exploits JavaScript flaw to plague OS X users
Monday, July 15, 2013 @ 11:59pm

A new bit of "ransomware" that has long been a plague to Windows users has been "ported" to work on Mac browsers, taking advantage of a flaw in JavaScript (not to be confused with Java) to prevent it from being easily dismissed or gotten rid of. The exploit takes advantage of the "restore from crash" to keep bothering the user, and scares them into thinking they must surrender payment information in order to "unlock" their browser and use it normally again, often under threat of persecution. There is a relatively easy fix, though inconvenient.



The ransomware page can be landed on or pushed to users who are using alternative search sites to look for certain kinds of keywords having to do with pirated software or pornography. The page appears to be from the US Federal Bureau of Investigation and claims that the user has been viewing or distributing illegal software or pornography, and that in order to "unlock" the computer they are obligated to pay a release fee of $300, using a fake URL that starts with "fbi.gov" to fool unsuspecting users. Closing the window or dismissing the warning creates another pop-up that also cannot be closed without re-spawning. Quitting or force-quitting the browser will return the user to the same page with the cycle beginning again. The code will actually allow the user to quit after 150 or so prompts, but few users are willing to go that far and are not aware that the JavaScript snippet will ever quit. Users can escape the scam by choosing to reset their browser. In Safari the command is located in the application menu and choosing all aspects of the reset. The action does not remove bookmarks but does clear out saved name and passwords as well as resetting any Top Sites that have been saved. Apple has built-in malware protection software in Snow Leopard and later systems that was recently updated, but it's not yet known if it will successfully block this particular malware yet. Assuming it does not yet block the scam, the company is likely to update XProtect to avoid the problem in the near future. The hack does not yet appear to work on mobile browsers.



Comments on this Article
Print Friendly Version
Email to a Friend
Add MacNN to Your RSS Feeds
Buy from the Apple Store


Related Stories:

Today's MacNN Stories:
  • Black Friday: lowest prices on Apple desktops - 4:25 PM EST
  • Giveaway: win a Verve 2 - 3:27 PM EST
  • Black Friday: Android tablet deals from zero dollars - 2:40 PM EST
  • Razer Nabu fitness tracker available in North America from December 2 - 2:40 PM EST
  • Giveaway: win a Penclic K2 wireless mini keyboard - 1:56 PM EST
  • Hands On: Rugby Nations 15 (iOS) - 1:55 PM EST
  • DealNN: iPad mini for $250, 4K monitor for $700, more - 1:23 PM EST
  • Black Friday Deals: $780 MacBook Air, $99 LG G Watch - 11:26 AM EST
  • Forums: MBP vs. Air and Siri fails continue - 9:05 AM EST
  • Apple Deals: refurbished Macs from $769 and iPads from $309 - 9:00 AM EST
  • Black Friday: $200 gift bundles with the purchase of a new Mac - 2:50 AM EST
  • Briefly: NewerTech's new Screen Armor for iPhone, Lego Batman 3 - 1:55 AM EST
  • Apple's Black Friday 2014 event - 12:05 AM EST

    Today's iPodNN Stories:
  • Black Friday: hot Windows notebooks at cool prices - 4:00 PM EST
  • Second generation of Puls smartwatch could arrive in early 2015 - 10:56 AM EST
  • Sony e-paper watch resurfaces in crowdfunding effort - 9:31 AM EST
  • Windows 10 Consumer Preview could ship by end of January 2015 - 3:07 PM EST
  • WSJ: GoPro plans launch of camera-equipped drones - 11:44 PM EST
  • No comments posted on this story yet. Please post yours.
    Your Comments
    In order to post comments, you must be a registered member of the MacNN Forums and logged in. Please login with your MacNN Forums username and password.

    MacNN Forums Login:

    MacNN Forums Password:

    Not a member of the MacNN forums? Register now for free.