Security News

New Ransomware Prank Affects Chrome, Safari Browsers

Posted on September 26th, 2013 by

FBI-Ransomware

Last July, a ransomware prank was found making the rounds on Safari browsers, which tied up the browser window with excessive pop-ups purporting to be from the FBI, demanding users send $300 to have their browser unlocked. The ransomware wasn't harmful to the user’s system, and it could be easily bypassed. Well, we're seeing yet another round of this irritating prank, and this time it affects Chrome and Safari browsers.

There's a couple ways to kill this prank from each of the affected web browsers.

Google Chrome

If you see this in the Google Chrome browser, following are instruction for two ways to clear this threat from Chrome:

1. Create a new cache directory in Terminal

Launch Chrome with a new cache directory by typing a Terminal command:

/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disk-cache-dir=/tmp

After this, quit Chrome then delete the files in this folder:

~/Library/Caches/Google/Chrome/Default/

2. Clear related data in Chrome

You can type in the URL:

chrome://settings/clearBrowserData

Then, clear any data that appears to be related to this prank.

Safari

If you see this in the Safari browser, following are instructions for two ways to clear this threat from Safari:

1. Reset Safari

In the Safari menu, choose “Reset Safari.” The browser will restart without bringing up the problematic site. It will, however, erase a lot of other historical, saved data.

Reset Safari

2. Force Quit + Hold Shift Key While Restarting Safari

The other tactic simply targets the function that resumes open windows after a crash, which can be done by holding the Shift key while starting Safari.

First you will need to force-quit Safari as you would expect, either by going to the Apple menu and choosing “Force Quit” and choosing to quit Safari, or by using the keyboard-combination Command + Option + Escape to bring up the same window.

The second step is to hold the Shift key while restarting Safari, which restarts the browser without restarting any previously open windows.

We also encourage anyone who encounters ransomware to send the files to sample@virusbarrier.com for further analysis.

All this highlights the fact that a multi-layered approach to security is the best method to protect your digital life from the bad guys. Intego offers powerful Mac antivirus and security software that works together to create layers of security. This tactic makes your machine a less profitable (and therefore less desirable) target for cybercriminals. So keep your Mac safe with advanced Mac security solutions such as Intego Mac Premium Bundle, which protects from malware, network attacks, web threats, spyware, and more.

  • Al Varnell

    Is this another JavaScript? If so, why can’t you just back out of it (using the back button), disable JS, clear the cache and re-enable JS?

  • http://www.lemonparty.org/ Some Guy Somewhere

    Why aren’t browser developers protecting against this crap?

Join Our Awesome Email Newsletter

Enter your email address below to start receiving the best Mac Security Updates.

{"url":"\/marketo\/json\/add-to-newsletter","data":"list_name=Blog Roadblock"}