New Kind Ransomware, Scareware, on Safari

Have you ever gotten a popup window while using Safari on your iPhone or iPad, telling you that you have to pay a fee to regain access to your browser? Leaving aside any judgment on the kinds of websites or online activities you that are usually involved that result in getting it, if you’ve seen that, your device has been infected with ransomware.

This particular ransomware takes advantage of the way Safari shows popup windows to show an endless loop of them, rendering the browser pretty much unusable.

There’s a little added trick to this one, though. Victims are eventually taken to a website spoofing a law enforcement website saying they must pay a fine for accessing illegal content. There’s added legitimacy because the infection usually comes from porn or download websites. Hence the name: scareware.

Unlike with regular ransomware, there’s no file encryption. The script just makes it difficult to use your browser. There is a free and easy way of getting around it, however. All you have to do is go to Settings > Safari > Clear History and Website Data.

To make things even easier, though, the recent release of iOS 10.3 patches the vulnerability, rendering the whole thing moot.

 

This blog has been re-posted with permission from Craig Petronella