Cybercriminals Lock Mac OS X Computers with FBI Ransomware – Video


Mac ransomware

Ransomware that’s designed to target Windows computers is not uncommon, but cybercriminals have managed to develop a version of the threat that’s utilized to blackmail Mac OS X users.

Researchers from Malwarebytes have come across an FBI ransomware page while searching for Taylor Swift on Bing.

The ransomware website instructs victims to pay a fine via MoneyPak to the FBI as they’ve been caught breaking the law.

The malicious website’s URL looks something like “fbi.gov.id657546456-3999456674. k8381.com,” which might trick many internauts into thinking that the warning is legit.

While it might appear that a piece of ransomware that uses the browser is not difficult to get rid of, the threat has a few tricks up its sleeve.

If victims try to close the browser window, they’re informed that the “browser has been locked” and the “Leave Page” button doesn’t work.

If the web browser is closed using the Mac OS X “force quit” function or if the computer is shut down altogether, the ransomware page reappears next time the application is launched because of the “restore from crash” feature.

Experts warn that less tech-savvy users might be tempted to pay the $300 (€228) fine to make the fake FBI lock screen go away.

How to remove Mac ransomware

So how do you get rid of it?

In Safari, the easiest way is to reset the browser by choosing the “Reset Safari…” option from the “Safari” menu.

When prompted to select the items you want to reset, check all the boxes. Then, hit the “Reset” button.

This should get rid of the threat.

Malwarebytes has also published a useful video tutorial to teach internauts how the Mac ransomware works and how to get rid of it:

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s