Hackers Target Macs with Ransom Threat for Web Surfing

Hackers have found a way to use some basic JavaScript code to trick unsuspecting Mac users into paying US$300 for surfing the Web. The threat tricks users into thinking they have been viewing or distributing pornographic content by hijacking Safari and displaying a warning that appears to come from the FBI.

The scam doesn't rely on system vulnerabilities. Instead, it loads a webpage whose JavaScript code loads 150 iframes to display the message over and over, according to Malwarebytes. When Safari users force quit the application, the iframes reload the next time the app is launched, thanks to Safari's built-in restore-from-crash feature.

Since the threatening warning is set to reload 150 times, victims are more likely to assume they really have been locked out of their Web browser and pay the ransom.

If you fall victim to the scam, you can break the warning loop by pressing Command-Option-Escape to force quit Safari, then holding down the Shift key when relaunching to stop the auto-reload of webpages. You can also kill the ransom loop by choosing Safari > Reset Safari, which will clear your history, autofill data, saved names and passwords, and more.

The threat states, "you have been viewing or distributing prohibited Pornographic content.. To unlock your computer and to avoid other legal consequences, you are obligated to pay a release fee of $300," which sounds pretty ominous, especially when coupled with an FBI symbol.

This ransom scam isn't a system-level security threat, so Apple doesn't need to release a software update to address it, although the company will most likely roll out an update to OS X's built-in malware protection list that helps block the ransom dialog from appearing.

If you see warnings in your Web browser saying you did something wrong and must now pay a fine, it's a scam.