17 July 2013
Ransomware targets Mac OS X users with “Your browser has been locked” scam
Researchers at Malwarebytes have discovered a scam targeting Mac OS X demanding that users pay a fine to remove the message, “your browser has been locked“. The scam does not allow the user to close the web browser and re-appears even after the computer has been shut down.
This type of scam is not uncommon amongst users of Microsoft Windows. It would appear the cyber-criminals are attempting to exploit the growing user base of Mac OS X, who very often do not have security software installed.
Scams like this are known as ransomware and typically attempt to scare the user into making a payment. Usually, the scam provides a false warning that your computer has been used to access inappropriate material and the only way to unlock your system is to pay a fine. Do not provide any payment details.
About the scam
This particular scam was discovered by searching for Taylor Swift on Bing images. The user is directed to a suspicious web site with the address fbi.gov.id657546456-3999456674.k8381 . com. After the usual messages, it asks the user to pay a fine of $300 to “unlock” their computer.
Whenever the user attempts to close their web browser, or leave the page, they are repeatedly given the message, “your browser has been locked“. By force quitting the browser, the user can temporarily escape but the web page is likely to re-appear once the browser is relaunched due to the ‘restore from crash’ feature built in to Safari.
How to resolve any issues
So far, it appears the only browser to be affected by this scam is Safari. When I tried accessing the web address using Firefox, the browser blocked the web site and refused to load the page.
If you are using Safari, you can get rid of this scam by clicking on the Safari menu and choosing Reset Safari…
Then, make sure all the options are checked and click the Reset button.
Protecting your Mac from malware
Whilst this scam is not particularly harmful to your computer, it does serve to remind us that cyber-criminals are beginning to target Apple users. This breaks away from the traditional misconception that Macs are safe from viruses and spyware, etc.
We recommend that you install antivirus software and run a scan at least once a week. Personally, I would recommend Sophos Free Antivirus for Mac, which updates itself and you can set it up to automatically run frequent scans.