Wilson County News
Scam Central blog blog header
Wilson County News • 1012 C St • Floresville • TX • 78114 • Ph: 830-216-4519 • Fax: 830-393-3219 • Email:
Thursday, Apr 24, 2014
Login
Not a subscriber? Click here.
Are you a WCN subscriber?
Set up your password.

 
E-Mail
Password
  Remember me
 
  Forgot password?
La Vernia News
Google
Google

Preview the Paper
Preview this week's Paper

Scam Central

Ransomware Purporting to be from the FBI is Targeting OS X Mac Users




E-Mail this Story to a Friend
Print this Story
July 23, 2013 | 4251 views | Post a comment

SOURCE: Federal Bureau of Investigation, Internet Crime Complaint Center

07/18/13--In May 2012, the Internet Crime Complaint Center posted an alert about the Citadel malware platform used to deliver ransomware known as Reveton. The ransomware directs victims to a drive-by download website, at which time it is installed on their computers. Ransomware is used to intimidate victims into paying a fine to “unlock” their computers. Paying the fine does nothing to solve the problem with the computer; do not follow the ransomware instructions. The ransomware has been called “FBI Ransomware” because it uses the FBI’s name.

The newest version of ransomware targets OS X Mac users. This new version is not malware; it appears as a webpage that uses JavaScript to load numerous iframes (browser windows) and requires victims to close each iframe. The cyber criminals anticipate victims will pay the requested ransom before realizing all iframes need to be closed.

The ransomware is pushed to victims’ computers when they browse common websites, specifically when they query popular search terms. Once the web browser is exploited, the victim’s computer displays a pop-up warning that appears to be from the FBI. Cyber criminals use “FBI.gov” within the URL to make the warning appear more legitimate.

As the FBI saw in 2012, the warning accuses victims of violating various U.S. laws, then locks the user’s computer. To unlock the computer and avoid legal issues, victims are told they must pay a $300 fine via a prepaid money card. Attempts to close the warning page results in additional messages that reappear each time victims try to close their web browser.

The simplest way to remove the ransomware’s iframes is by clicking on the Safari menu and choosing the “Reset Safari,” option, making sure all check boxes are selected. You may also hold down the Shift key while relaunching Safari, which will prevent Safari from reopening windows and tabs from the previous session. Victims can also disable the reopening feature across OS X from the General pane of System Preferences.

Ransomware messages are an attempt to extort money. If you have received a ransomware message, do not follow payment instructions. Be sure to file a complaint at www.IC3.gov.
 


Your Opinions and Comments
Be the first to comment on this story!

You must be logged in to post comments:



Other Scam Central


Scam Central side bar header
 
^Top
  Copyright © 2014 Wilson County News. All rights reserved. Web development by Drewa Designs.
^Top