A new round of ransomware is freezing up Mac computers and iPhones in a criminal attempt to get you to pay hundreds of dollars to supposedly implement a fix.
Ransomeware is rife on the Internet
The kind of malware that perpetrates this ploy is called ransomware.
With ransomware, a virus is loaded on your computer or phone and it effectively brings those devices to a grinding halt.
Here’s the m.o. of how this works: You’re on the phone or computer and there’s a clickthrough to a video. The video is infected with a virus that shuts your device down. Then a pop-up window appears saying your device is in lock down and you have to pay $300 to have it unlocked.
The pop-ups may display a message from the ‘U.S.A. Cyber Crime Center,’ ‘FBI Department of Defense’ or some other legit-sounding organization. But there’s nothing legit about it — despite the bogus government seals and maybe even a picture of a stern-looking President Obama.
The Internet Crime Complaint Center reports some ransomware seizes up devices with pop-up windows branded with the FBI logo! The pop-up window typically warn the computer contains ‘child pornography, unlicensed materials or ‘computer-use negligence,’ according to The Cleveland Plain Dealer.
If someone is holding your device hostage for money, never pay the ransom. There’s no way to tell the scammers will do what they say and not load additional viruses on your computer. Second, you’re rewarding bad behavior if you pay them.
Fortunately, there is a way to unfreeze your device yourself…
Follow these directions to take back your device
These directions come courtesy of Apple Support Communities:
Some of these scam popup messages are very easy to dismiss:
- If a checkbox appears with the text ‘Don’t show more alerts from this webpage’, select it, then click the Leave Page or OK button.
- If that option does not appear, try repeatedly and quickly clicking the Leave Page or OK button while also pressing the key combination âŒ˜ W.
- If the Leave Page or OK button is not visible because the dialog box extends beyond your display’s lower limit, the Return or Enter key should perform the equivalent action.
Either option may result in interrupting the script preventing you from closing the page normally. If it does, you’re finished. If not, or you grow tired of that method, continue below.
- Quit Safari. If necessary, force Safari to close by following these instructions: Force an app to close on your Mac – Apple Support.
- Summary: choose ï£¿ (Apple menu) > Force Quit…
- Or, using three fingers press the three-key chord âŒ˜ (the Command key, next to the space bar) Option (the key next to it) Escape (the key at the upper left of your keyboard).
- A dialog box with the title Force Quit Applications will open.
- Choose Safari, click the Force Quit button, and confirm the dialog with Force Quit again.
- Close the dialog box.
- Press and hold a Shift key and keep it depressed while launching Safari again.
- When Safari opens, release the Shift key.
- This action prevents Safari’s previously loaded pages from loading again upon launch.
If that does not immediately fix the problem:
- Force Safari to quit again.
- Disconnect from the Internet by selecting Wi-Fi ‘off’ in the Mac’s menu bar, or disconnecting its Ethernet cable if you’re not using wireless. See pictures below.
Turn Wi-Fi ‘off’
Disconnect Ethernet cable (MacBook Pro)
Disconnect Ethernet cable (iMac)
- Launch Safari again by pressing and holding a Shift key while launching Safari.
- No pages will be able to load since you’re not connected to the Internet.
- Select the Safari menu > Preferences > General, and review your home page selection.
- Select the Privacy pane > Remove All Website Data… > Remove Now.
- After you reconnect to the Internet, you will need to sign in again with all websites that require authentication (such as this one).
- Close the Preferences window.
- (optional) Select the History menu > Clear History…
- Choose an appropriate period to clear from the dropdown menu. That action will ensure you don’t inadvertently navigate back to the same problematic web page.
- Turn Wi-Fi back on again or reconnect your Ethernet cable.
You’ll be back in business.
In an abundance of caution, consider the following additional actions. They are not required to eliminate the scam webpage but you should review them to determine certain Safari settings have not been unexpectedly altered.
- Open Safari’s Preferences… again and select Extensions. Uninstall any Extensions that you are not certain you require by clicking the Uninstall button.
- If you are not sure what to uninstall, uninstall all of them. None are required for normal operation.
- Select the Privacy pane. Verify ‘Cookies and website data’ is configured the way you expect. If you are not certain what choice is appropriate, choose ‘Allow from websites I visit’.
- For OS X versions prior to Yosemite the equivalent preference is ‘Block cookies and other website data’ > From third parties and advertisers.
Force Safari to quit by quickly double-clicking the Home button. On that screen, swipe left or right until you find Safari with a preview of the problematic web page. Swipe that image up and away to terminate it:
Force Close (iOS 8)
Force Close (iOS 9)
The unresponsive Safari page will be gone, but if you were to launch Safari again it might just reappear. To prevent that from occurring, go to Settings and scroll down a bit until you see Safari. Tap Safari, then tap Clear History and Website Data. Confirm the dialog that appears next, and you’ll be back in business. The effect of clearing website data will require you to ‘sign in’ again to websites that require authentication (such as this one).