A new crop of OS X ransomware attacks that attempt to extort money from users has emerged, according to security firm Malwarebytes. Posing as an FBI piracy notification, the malware locks a user's system and demands that a 'fine' be paid through an online payment system.
The ransomware technique is a tried and true extortion method used by cyber criminals. Often using the guise of law enforcement or anti-piracy notifications, the infection blocks access to the target system and demands that users pay a fee to regain it.
Though the FBI and other government agencies have never delivered official notifications through unsolicited emails or browser notifications, malware writers continue to extort payments from users who are worried or embarrassed about having their online activities uncovered.
For OS X users, the attack demands that a $300 payment be made via a reloadable payment card service. Attempting to navigate away from the page triggers a series of alerts, which prevent users from closing or leaving the site.
Malwarebytes researcher Jerome Segura wrote: “The bad guys know there is a growing market of Apple consumers who, for the most part, feel pretty safe about browsing the internet on a Mac without the need for any security product.
“Cyber criminals, well known for not re-inventing the wheel, have ported the latest ransomware to OS X, not by using some complicated exploit but rather leveraging the browser and its ‘restore from crash’ feature.”
The company said that users can navigate away from the fake notification page by resetting Safari to clear out cache and history, which prevents the page from auto-loading when the browser is restarted.