Skip to main content

Watch out, Mac OS X users! FBI ransomware is coming for you, too

ransomware1
Image used with permission by copyright holder

It looks like Macs aren’t as impervious to computer viruses as we thought. According to Malwarebytes, cybercriminals are now targeting OS X devices with so-called ransomware – taking advantage of the fact that most Mac users feel safe and secure browsing the Web without running into a virus. After all, according to an ESET survey, in 2010, more than half of Americans thought PCs were “very” or “extremely” vulnerable to cybercrime attacks, whereas only 20 percent thought the same about Macs.

Recommended Videos

So, Mac users may be extra surprised when they see a “notice” from “the FBI” in their Safari browser. Known as ransomware, this type of malware restricts access to your computer, demanding users pay a ransom in order to remove the roadblock. Ransomware literally holds your computer hostage until you pay up.

According to the Internet Crime Complaint Center’s (IC3) 2012 Internet Crime Report, the names of various government agencies and high-ranking government officials are often used in spam attacks in an attempt to defraud consumers. In fact, the IC3 received about 47 of these complaints a day in 2012, with an average of about $141 lost per complaint. IC3 estimates that cybercriminals defrauded Americans of more than $4.6 million in 2012 alone, mostly by posing as the FBI or other government-related entities.

In the case of the OS X ransomware, victims will see a notice from the FBI that says ” you have been viewing or distributing prohibited Pornographic content. To unlock your computer and to avoid other legal consequences, you are obligated to pay a release fee of $300.” The whole thing stinks to high heavens, as the rest of the message goes on to say the victim must pay through GreenDot MoneyPak by buying a MoneyPak card at “any shop or gas station,” loading it with $300, and then entering the card’s code in your browser.

This form of ransomware usually pops up while searching for popular keywords and browsing popular sites. For example, Jerome Segura, senior security researcher at Malwarebytes, encountered the ransomware while searching for Taylor Swift on Bing images. Segura says that many people will actually pay the $300 since “the victim will feel they may have actually being doing something wrong and got caught and ashamed, will pay the ‘fine’”.

ransomware_lock2And, if you think you can just close your browser to get rid of the message, you’re wrong. It’s called ransomware for a reason. Even when you try repeatedly to close the page, you’ll get a “Leave Page” browser window that pops up and won’t allow you to click the “Leave Page” button. Your blood pressure will definitely be rising by this point. Force-quitting the application will only result in the ransomware page showing up the next time you open Safari. You can thank Safari’s “restore from crash” feature for that one.

But, before you take your laptop to the Geek Squad and presumably pay close to the amount these cyber criminals are asking you for, know that there is a way out. Thankfully, Malwarebytes describes it in detail – and it’s very simple. Here’s what to do:

  1. Click on the Safari menu button in the upper left-hand corner of your screen, and click “Reset Safari.”
  2. Select all the times in the menu, and then click the Reset button.

That’s it! Doing this should clear the ransomware from your Mac.

We hope you never have to do this. But in case you ever see a warning from the FBI pop up in your browser, do not send any money. It’s a scam that’s easy to escape.

You can watch the video below as well for more instruction.

[Photos via Malwarebytes]

Jennifer Bergen
Former Digital Trends Contributor
Jennifer Bergen is the Computing Section Editor at Digital Trends and is in charge of all things laptops, desktops, and their…
This dangerous new Mac malware steals your credit card info
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

People like to think that Apple’s Macs are more or less invulnerable to the assorted viruses and trojans that afflict Windows PCs, but that’s far from the truth. That’s just been aptly demonstrated by the emergence of a new malware strain that attempts to steal all of your passwords, credit card data, and more.

The discovery was made by security firm SentinelOne, which named the malware MetaStealer. According to SentinelOne, MetaStealer has the potential to trick you into giving away vital information that could cause a huge amount of damage, and it has a nefarious way of getting what it wants.

Read more
Is macOS more secure than Windows? This malware report has the answer
A person using a laptop with a set of code seen on the display.

It’s a long-held belief that Macs are less at risk of malware and viruses than Windows PCs, but how true is that? Well, a new report has shed some light on the situation -- and the results might surprise you.

According to threat research firm Elastic Security Labs, roughly 39% of all malware infections happen on Windows PCs. In good news for Apple fans, only 6% of breaches occurred on macOS, making Mac systems far less vulnerable than their Windows counterparts.

Read more
This Mac malware can steal your credit card data in seconds
Apple's Craig Federighi speaking about macOS security at WWDC 2022.

Despite their reputation for security, Macs can still get viruses, and that’s just been proven by a malicious new Mac malware that can steal your credit card info and send it back to the attacker, ready to be exploited. It’s a reminder to be careful when opening apps from unknown sources.

The malware, dubbed MacStealer, was discovered by Uptycs, a threat research firm. It hoovers up a wide array of your personal data, including the iCloud Keychain password database, credit card data, cryptocurrency wallet credentials, browser cookies, documents, and more. That means there’s a lot that could be at risk if it gains a foothold on your Mac.

Read more