These days, we rely on our phones for just about everything. So, imagine if you thought you were locked out of your iPhone due to a ransomware infection.
In a recent scam, some iPhone users browsing in the Safari app thought just that. According to the BBC, the scam launches a pop-up accusing users of viewing illicit websites or illegally downloaded music. However, no data is actually encrypted. The “scareware” demanded a ransom of over $100 in the form of an iTunes gift card in the hope that victims will pay the ransom before realizing their device is not locked.
According to Apple Insider, another scam enacts an endless loop of pop-ups to attempt to lock the user out of their browser. Fortunately, a cache reset will bypass the pop-up. Users can do so by going to Settings>Safari>Clear History and Website Data.
Apple has issued a patch in their 10.3 update which closed the attack vector by changing how Mobile Safari handles website pop-up dialogs, making them per-tab rather than taking over the entire app.
This is a good reminder to practice good habits when browsing the web, and avoid any websites that seem less than reputable.