Malwarebytes reports on a method cyber-criminals have long used against Windows users, and are now using to target Mac users.”Ransomware,” the hijacking of a user’s browser with a notice demanding a $300 payment to release control of the application, has long been the bane of Windows users, but Mac users have only rarely seen efforts such as this targeted against them.
Malwarebytes, via MacRumors:
The ransomware page is being pushed onto unsuspecting users browsing regular sites but in particular when searching for popular keywords.
Warnings appearing to be from the FBI tell the victim: “you have been viewing or distributing prohibited Pornographic content.. To unlock your computer and to avoid other legal consequences, you are obligated to pay a release fee of $300.”
A feature in OS X that reopens previously open windows when relaunching an app means users cannot simply close and reopen Safari to escape the notices. Users can however hold down the Shift key while relaunching Safari, and that will open the browser sans the previous session’s windows and tabs. The feature can also be disabled in the “General” pane of System Preferences by making sure “Close windows when quitting an application” is checked.
The report notes that users are being targeted based on popular search terms, one example cited is an image search result for Taylor Swift on Bing as seen in the video below.