On Monday, Apple released an update to iOS, “fixing a flaw that allowed scammers to use pop-up windows in an attempt to snatch cash from unsuspecting users of the Safari browser on iPhones and iPads,” Karin Price Mueller writes for NJ.com. “The scammers targeted porn connoisseurs, hoping they’d stumble on the many websites registered to the scammers.”
“If an unsuspecting victim clicked [sic tapped] on the wrong link, the scammers would use a pop-up window to say the user’s device has been locked because of ‘illegal pornography,’ for example. It would then direct the user to pay — using an iTunes gift card, another common pay scam — via an email address that included law enforcement-sounding names such as cybercrimegov or police-pay,” Mueller writes. “Once the fine was paid, the scammy pop-ups said, the user’s Safari browser would be unlocked.”
“A Lookout user reported his device was caught in a never-ending loop. Each time he’d press ‘OK’ on the pop-up window on his screen, he’d be prompted to press ‘OK’ again. And again, and again. The browser was stuck, courtesy of the scammers,” Mueller writes. “So whether you’re a porn consumer or not, make sure you have the most updated operating systems on your devices, and be sure to run your computer’s anti-virus software regularly, too.”
Read more in the full article here.
Lookout reports that iOS 10.3 “changed how Mobile Safari handles JavaScript pop-ups, which Lookout discovered scammers using to execute a scareware campaign.”
“The scammers abused the handling of pop-up dialogs in Mobile Safari in such a way that it would lock out a victim from using the browser,” Lookout reports. “The attack would block use of the Safari browser on iOS until the victim pays the attacker money in the form of an iTunes Gift Card. During the lockout, the attackers displayed threatening messaging in an attempt to scare and coerce victims into paying.”
“However, a knowledgeable user could restore functionality of Mobile Safari by clearing the browser’s cache via the the iOS Settings — the attack doesn’t actually encrypt any data and hold it ransom,” Lookout reports. “Its purpose is to scare the victim into paying to unlock the browser before he realizes he doesn’t have to pay the ransom to recover data or access the browser.”
Lookout reports, “iOS 10.3 doesn’t lock the entire browser up with these pop-ups, rather it runs on a per-tab basis so that if one tab is misbehaving, the user can close it out and/or move to another one.”
Read more in the full article here.
MacDailyNews Take: If caught in such a loop on a Mac, you could simply close the tab, if possible, or force-quit Safari, of course.
But – can you imagine?! – never, ever pay any scareware’s “ransom” demand! Sheesh.
Uh, you don’t “click a link” on an ipad or iphone. Try press.
To be honest, this is one of those things where the word “click” to activate a link is so ingrained that it becomes the concept itself.
Kind of like how you still see buttons with floppy disk icons, almost 20 years after Apple’s first iMac did away with them. Never mind Office toolbars, it even appears in 3rd party iOS apps, which doesn’t accept *any* external media natively. But everyone knows it means save, even if younger users haven’t ever even seen one in real life.
Actually, “press” is reserved for 3D Touch by Apple. Apple calls non-3D Touch iOS interactions “taps.”
Patience. You don’t dial a phone anymore either, but that phrase took a generation to die out.
Uh…just TURN OFF Java-script – nothing but security issues/pop ups/annoying ads anyway
I’ve seen this in non porn activity. Usually it is a random link I clicked that will bring up endless pop ups saying my mac is infected.
Best option is to force quit the app if you can close the main safari window. If the issues starts up again when you open safari then I think holding shift or option will open a blank window and not you previous last opened session.
I’ve not experienced scareware, but in the case of true ransomware, paying the ransom is actually the right thing to do. Not if you have a recent enough back up, of course, but in my office, we were two weeks out on a backup once and got hit. Ransom paid, and we were back in business in 24 hours. Not pleasant, but at least those particular thieves were of the “honest” sort.
I hereby nominate your comment for “Stupidest of the Week,” so far.
Paying criminals only encourages more extortion.
Yeah,
Your data is still corrupt and you really don’t know if there was a backdoor put in, which they could hit you again. The only way to combat this is good backup, wipe and restore. When you pay, you enable them. Obviously, you did not have a good backup, which is pretty much shameful.
I believe these scams use Java and are not new.
Lats year, if memory serves, some sites were using this to fake ransomware to get low information users (Trump Voters and Fox Viewers) to open their wallet.
What is so amazing is that the overwhelming majority of malware and such gains access to personal devices via porn. The second most amazing thing is that after decades of the Internet, they still fall for this and keep coming back for more.
The unsurprising thing is that Porn consumption is highest in the Reddest of Bible Belt States. Here is a link to Christianity Today:
http://www.christiantoday.com/article/americas-bible-belt-states-indulge-in-more-online-porn-than-other-less-religious-states/42045.htm
Well, have you seen the women there? :p
Obviously you haven’t… But I’ve seen YOUR women… Nancy “Bag-O-Botox” Peelosi, Barabra “Arse-As-Big-As-A-Boxcar” Boxer, and lest we not forget the ever beautiful Diane Feinstein… and he’s not forget all the STD-infested, cokehead actresses in Hollywood… I think I’m going to barf…
Hope you don’t like BMW SUVs.. WE manufacture them in the South… ALL of them for the USA, and export 70% of total production overseas…
Hope you don’t like flying in the new, state-of-the-art, carbon fiber Boeing 787… Yep we make those too.
And I certainly hope you do’t enjoy the USAF protecting your coasts, bc F16 production is being moved to.. yep you guessed…
Someone has a thin-skin and a big ol’ General Lee sized chip on his little shoulders!
Good god dude, relax. And I’m not from here, and I’m not part of either party. So just have another cold one and tell Ellie May to bring you another rib…
Get out of Safari, go to settings, go to safari, reset/”press” button to clear history/website data, turn off java, close, press power button till shut down screen shows, hold down home button till shutdown screen exits and you are back to home screen..go back to settings and turn Java back on..and carry on..this time in private browsing 😉
Or even easier:
force quit Safari (double click home button, flick Safari away).
Then go to Settings > Safari > Clear History and Website Data.
When you reopen Safari you’ll be free of the loop/trap.
Stay away from porn sites… the ISPs will be selling your web history soon. Everyone will know you live on bigasianboobs.com. You will never run for office.
Never underestimate the intellectual idiocy of the voter or the power of lies.
Here on this website the usual political activists crucified Hillary Cinton because she had a staffer run a Mac email server. Congressional investigators could not find any email marked as classified on that server.
Colin Powell did the same thing as secretary of state. Not a peep, he’s on the red team.
Governor Pence of Indiana conducted official business on an AOL email account. Not a peep, he’s on the red team.
President Trump used a samsung galaxy3 and twitter as his main communications. He bragged he could commit murder and would not lose his supporters. Sure enough, not a peep, he’s on the red team.
Some people are such partisan hacks, hey cannot even see their own hypocrisy. Presented the facts, hey will attack the messenger. Idiots got the incompetent government they voted for.
Anybody know of a company in Germany hiring non-German speakers?
You could close the offending tabs from one of your other devices in Safari if you’ve got iCloud enabled on them.