You’ve been caught viewing prohibited pornographic content. Now you need to pay $300 to “unlock” your Mac … or take your computer in for a potentially embarrassing servicing.
That’s the premise behind a new version of the FBI Ransomware browser trojan that is targeting Mac users. (No, it’s not actually from the FBI, that’s just the scam that it’s trying to get you to buy into.) And no matter how much your spouse might refuse to believe you, you don’t have to be viewing porn to get it. In fact, according to security expert Jerome Segura, all you have to do is search the web for a few popular keywords.
The secret of this “trojan?” There’s no actual infection, but the victim believes there is.
“That’s the beauty of the scam,” Segura told me. “You’re not actually infected — they make you think that you are, and most users believe it — and that’s the trick.”
The browser window can’t be closed easily, and a force quit of Safari — which most Mac users don’t know how to do — will simply bring it right back when you open Safari again thanks to Apple’s helpful restore-from-crash feature. There are only four options to remove this.
Or you could pay the $300.
Above: FBI Ransomware is not related to the real FBI.
“The bad guys know how to use social engineering to entice victims as, for example, I was led to this locked page by doing a search for Taylor Swift nude on Bing images,” Segura writes. “The victim will feel they may have actually being doing something wrong and got caught and ashamed will pay the ‘fine.'”
There is another solution: Change your browser. Google’s Chrome browser, for instance is not vulnerable to this attack.
“If you’re using Chrome on a Mac, the chances of getting infected are almost nil,” Segura told me. “Chrome is usually safer because it’s a browser that’s been built with security in mind. There have been multiple contests targeting browser software, and Chrome has rarely ever failed.”
So unless you want to be socially engineered into paying $300, or want to have to reset your browser, you might consider other options. Traditionally, Segura told me, Safari, Internet Explorer, and Firefox have been much more vulnerable than Chrome.
Segura, security researcher though he is and whose work is keeping people safe, couldn’t stop a little bit of admiration from entering his voice when discussing FBI Ransomware:
“It’s all about the social engineering aspect,” he mused. “Using that trick … whoever designed it is smart.”
Here’s a tutorial on getting rid of FBI Ransomware: