Ransomware targets Mac OS X users with “Your browser has been locked” scam

Home / Ransomware targets Mac OS X users with “Your browser has been locked” scam

Ransomware targets Mac OS X users with “Your browser has been locked” scam

Researchers at Malwarebytes have discovered a scam targeting Mac OS X demanding that users pay a fine to remove the message, “your browser has been locked“.  The scam does not allow the user to close the web browser and re-appears even after the computer has been shut down.

This type of scam is not uncommon amongst users of Microsoft Windows.  It would appear the cyber-criminals are attempting to exploit the growing user base of Mac OS X, who very often do not have security software installed.

FBI Ransomware targeting Mac OS XScams like this are known as ransomware and typically attempt to scare the user into making a payment.  Usually, the scam provides a false warning that your computer has been used to access inappropriate material and the only way to unlock your system is to pay a fine.  Do not provide any payment details.

About the scam

This particular scam was discovered by searching for Taylor Swift on Bing images.  The user is directed to a suspicious web site with the address fbi.gov.id657546456-3999456674.k8381 . com.  After the usual messages, it asks the user to pay a fine of $300 to “unlock” their computer.

Whenever the user attempts to close their web browser, or leave the page, they are repeatedly given the message, “your browser has been locked“.  By force quitting the browser, the user can temporarily escape but the web page is likely to re-appear once the browser is relaunched due to the ‘restore from crash’ feature built in to Safari.

Ransomware OS X Lock Message

There’s nothing to worry about, however.  Your computer has not been infected with malicious code.  The web page is prevented from closing by using simple Javascript that is stuck in an infinite loop.

How to resolve any issues

So far, it appears the only browser to be affected by this scam is Safari.  When I tried accessing the web address using Firefox, the browser blocked the web site and refused to load the page.

If you are using Safari, you can get rid of this scam by clicking on the Safari menu and choosing Reset Safari…

Reset Safari

Then, make sure all the options are checked and click the Reset button.

Reset Safari options

Protecting your Mac from malware

Whilst this scam is not particularly harmful to your computer, it does serve to remind us that cyber-criminals are beginning to target Apple users.  This breaks away from the traditional misconception that Macs are safe from viruses and spyware, etc.

We recommend that you install antivirus software and run a scan at least once a week.  Personally, I would recommend Sophos Free Antivirus for Mac, which updates itself and you can set it up to automatically run frequent scans.

Leave a Reply

Berserk Computers

Berserk Computers

Call Now
View map