OS X Users Hit by Ransomware Websites Posing as FBI Notices

[brand]

Sounds dangerous. Let us switch to Linux.

Your already using Unix so that would be kind of pointless.

 

[donutbagel]

You mean those things that show up when you try to close a webpage? Firefox or something lets you skip them all if you want, and that's a feature I wish Safari had.

 

[imageWIS]

There's just no limit to the ingenuity of greedy crooks, is there?

Indeed, just ask heads of corporations and politicians.

 

[macs4nw]

Indeed, just ask heads of corporations and politicians.

Not what I had in mind obviously, but true indeed!

 

[mrgraff]

You clearly misunderstood the part where I'm talking about this article, having posted a picture of a Windows VM infected with trojans.

Trojans aren't social engineering like this "ransomware" is. Again, this is a browser based "attack" that relies on social engineering to gain profit. It's phishing 101. ANY browser on ANY OS can run into this website (and others like it) and get the lovely prompt spam. It's not even remotely comparable to trojans and worms.

Why is that hard to understand?

I understand it just fine. Try taking a better look at the picture that I posted. It's not a VM running Windows. That's a malicious web page loaded in the Mac OS version of Firefox, that is designed to resemble an instance of Windows Explorer.

Notice that the Firefox window has the application name on the menu bar with the Apple logo as well as the window closing buttons in the upper left; not the Firefox icon and title as it would appear in a Windows VM.

The design was so good that you too got fooled into thinking that that was an XP screenshot - which I hope helps to demonstrate how easy it is for some people to fall victim to these things.

 

[28monkeys]

Whoever believes this, deserves the fine

 

[Mr. Gates]

This is going to become more and more common as Microsoft has patched these kind of vulnerabilities more and more.

While Mac has been gloating their "Impenetrable" security status, they should remember that it was only because the bad guys didn't give a crap about Mac.

Now they have increased market share and the hackers of the world will take notice, especially because Microsoft and windows is better than they have ever been in 30+ years in regards to security.

EXPECT MORE OF THIS

----------

Whoever believes this, deserves the fine

Yeah.....like Nobody who couldn't figure out how to properly operate a Windows rig has ever flocked over to Mac with the promise that they don't have to use critical thinking in regards to computer maintenance and "Best Practices"

Don't fool yourself, that's at least 1/2 of Mac users ....nobody in this forum of course

 

[inkswamp]

This is going to become more and more common as Microsoft has patched these kind of vulnerabilities more and more.

While Mac has been gloating their "Impenetrable" security status, they should remember that it was only because the bad guys didn't give a crap about Mac.

Now they have increased market share and the hackers of the world will take notice, especially because Microsoft and windows is better than they have ever been in 30+ years in regards to security.

EXPECT MORE OF THIS

Expect more of what exactly? Vulnerabilities that can literally be fixed without an update, by clearing Safari's cache? Is that something that should cause Mac users to run into the streets in panic? I didn't know it was the end of the world.

Sorry, but you're completely overplaying this. I've dealt with Windows viruses a lot and this ransomware thing is a walk in the park compared to the some of the obnoxious and persistent nastiness I've had to uproot from PCs over the years. I don't even think a lot of Windows admins would even think of this as a real virus.

So, I'm not going into panic mode yet and won't until the day comes that I see a boot sector virus on a Mac or a virus that can stop any executable from launching or malware that can elude even admin-level attempts to terminate it or viruses that can stop the user from starting their machine up.

I've seen all those on Windows. I've seen none on OS X.

 

[donutbagel]

"Rather than a sophisticated hijack of the actual browser software or an installation of a trojan, the ransomware is merely a simple webpage using JavaScript to load 150 iframes that require confirmation to be dismissed..."

And this is the reason why Safari needs the "skip next messages" feature. You could always force-quit to get rid of this, though. What I REALLY want is some extension or option to disable these JavaScript prompts all-together because crappy sites always shove an "ARE YOU SURE???!!!" in your face when you try to leave.

----------

This is going to become more and more common as Microsoft has patched these kind of vulnerabilities more and more.

Microsoft patched the JavaScript popup vulnerability? Uh, no. This could run on IE as well, but because IE doesn't even have the re-open feature, it's not as vulnerable because this isn't meant for it. Kind of like how a Mac would be immune to a Trojan horse that's a .exe.

 

[Yamcha]

lol, I've had this on my Windows partition before, obviously didn't fall for it, but can be convincing for some people.

 

[darkplanets]

I understand it just fine. Try taking a better look at the picture that I posted. It's not a VM running Windows. That's a malicious web page loaded in the Mac OS version of Firefox, that is designed to resemble an instance of Windows Explorer.

Notice that the Firefox window has the application name on the menu bar with the Apple logo as well as the window closing buttons in the upper left; not the Firefox icon and title as it would appear in a Windows VM.

The design was so good that you too got fooled into thinking that that was an XP screenshot - which I hope helps to demonstrate how easy it is for some people to fall victim to these things.

Touche. I wouldn't credit the design -- just my haste. I didn't look closely, so point noted entirely. Apologies.

 

[moxin]

Sounds dangerous. Let us switch to Linux.

;-)

yeah lets join the revolution of bloated kernel, let go directionless.
Just because a person stupid enough to fall for this.

 

[CFreymarc]

If you get it in front of 1,000,000 people, and only .001% fall for it, you've hit 1,000 users.

Unfortunately that is close to the hit rate. It is estimated hostage attacks like this can take in from $10,000 to under a $1,000,000 before it stops. Also, many pre-paid card companies like this track high spikes in revenue and freeze accounts before the funds transfer. The money clearing to an overseas account is not that common due to monitoring of this. PayPal has a whole team that is all over fraud.

 

[swissglide]

The line about minimum wages and deprivation of liberty is a google translate-esque literal restatement of typical russian legalese - "штрафом в размере от Х до У минимальных размеров оплаты труда и лишением свободы на срок от N до M лет". So whoever made these is probably from one of the former Soviet Union countries.

 

[AppleMark]

Honestly, if people really fall for these tricks they should not be anywhere near a computer and they deserve to be ripped off - hopefully they might learn from it. For god's sake the URL alone is enough to make you realise its dodgy. People should NOT be told to keep pressing OK buttons on dialogue boxes as this can introduced more problems. Notice the user in the video did not got to preferences and change the home page, or Hold shift and Start safari either.

People who fall for these scams never 'deserve' it. The majority that do get scammed, are most often the vulnerable.

Such as young adults who start life overly fearful of authority, the elderly and mentally impaired etc, who may be overwhelmed or confused by the seemingly official demands for payment.

A scam is a scam, when did we start blaming victims?

 

[Nightarchaon]

Java != JavaScript...*facepalm*

Javascript = biggest single attack point for spam websites, it needs removing from existence IMO, it can do too much outside the browser, id like to see Java removed from web standards, along with flash, no need for either with HTML5

----------

Really?!? This is why?
I mean... How did you even know they were going to lauch an attack like this?

Seems like you must have known this was going to happen... which means you had something to do with it!!!

I turned it off because when i launch Applications i want a clean launch, i don't want to go back to where i was when i closed the application, i closed it because i was done with it, if i hadn't been done with it, id have left it open (I never turn my iMac off except for moving it, or installing updates)

 

[jMc]

Javascript = biggest single attack point for spam websites, it needs removing from existence IMO, it can do too much outside the browser, id like to see Java removed from web standards, along with flash, no need for either with HTML5

Well, you ignored the 'Java != JavaScript' comment very well there. And good luck on doing useful things on websites with just mark up, even of the HTML5 variety.

I do agree that Java (not JS) and Flash shouldn't be part of web standards though. Luckily, they're not.

jMc

 

[Nightarchaon]

Well, you ignored the 'Java != JavaScript' comment very well there. And good luck on doing useful things on websites with just mark up, even of the HTML5 variety.

I do agree that Java (not JS) and Flash shouldn't be part of web standards though. Luckily, they're not.

jMc

Define "useful" things, that you cant do in HTML5, expect advertising crap

 

[irnchriz]

I worked in the computer labs in a college for the past year. If a student using a computer gets a virus, saves a file on the hard drive, does anything, it all gets wiped clean once the computer is restarted.

But back to your point, this is simply a web page that does nothing to your computer, so I don't understand how you "have had to clean/repair dozens of infected windows machines which were infected with similar malware."

My point is that the windows version of this actually INFECTS the machine and is not simply a web browser page as it is on the Mac. Seriously, you didn't get that from reading the numerous posts regarding this on PC's.

 

[Tech198]

One would have to be unbelievably stupid to fall for something like that.

Same could be said for Windows people too..

regardless, people just don't have the training, or do put it a better way..

They just don't care.....

Its a shame, but if people get infected, but not taking the time to learn the facts, then its their own fault.. Period...... You can make all the assumptions in the world. how this should have protected me, but it all states with the user.

My mate run Norton 360, thinking he can surf to any site, and he trusts Norton 100% of blocking him.. Not gonna happen.

 

[class77]

The important part to me was not that I'd fall for the ransom, but how to get out of it easily by just clearing the history/cache.

 

[giantrobot503]

This is exactly why I don't like (and will turn off) the "re-open all previously open windows" feature. Even accidental Javascript errors can result in endless windows, and errors like that are much easier to clear by quitting and restarting.

Re-open all previously open windows: Embarrassing you in front of your parents/roommates since 2011.

 

[macsrcool1234]

Javascript = biggest single attack point for spam websites, it needs removing from existence IMO, it can do too much outside the browser, id like to see Java removed from web standards, along with flash, no need for either with HTML5

You have absolutely, positively NO IDEA what you're talking about and it is blatantly clear you have never created a website in your life.

 

[bradhs]

This is not really "Ransomware", this is a website. Nothing is installed on your computer.

Unless all of a sudden we are now calling website code "software"? I didn't get that memo.

Solution: Quit Safari, hold down the shift key while reopening Safari and bye bye website.

 

[SmithCommaJohn]

This is the absolute last straw.

I'm going back to my abacus.