User profile for user: tolangston
tolangston Author
User level: Level 1
8 points

Anyone else hacked with Ransomware on Safari?

On March 4, I got a blue screen telling me to call the listed Microsoft representative immediately to unlock my Mini Mac. I was on Safari but everything locked up except the blue screen. Then a recording came through my speakers explaining that I have a serious problem and should not try to do anything until I called the phone number listed on the blue screen. I was unable to do anything on Safari, but was able to open another browser through Firefox. From there I was able to delete all current time machine backups and restored to early March 3. Everything seems to be working ok now, but today I saw an article from Palo Alto Networks that there may be a dormant malware that could resurface three days AFTER infected. PAN also said this attack is attempting to get into time machine backups to prevent what I think I did to restore control. I am not an expert by any means, but I have critical information that I can not afford to lose. I have heard that some have been paying a ransom for similar problems. I thought I was safe with Apple and my small business records. I doubt that this issue was exclusive to me. Any information on this or how to prevent it from repeating would be greatly appreciated.

Mac mini, OS X El Capitan (10.11.3)

Posted on Mar 9, 2016 9:44 AM

Reply
6 replies
User profile for user: Dah•veed
Dah•veed
User level: Level 9
66,727 points

Mar 9, 2016 1:41 PM in response to tolangston

The recent ransomware was limited to a certain version of Transmit, a torrent app. The developer has since issued a clean version of their app. It would have locked up your entire computer, not just Safari.


You encountered a website, one that usually pops up if you are browsing a shady site, that locked up Safari. All that you needed to do was Force Quit Safari and not visit sites prone to that sort of popup advertising in the future.


Late 2012 Mac mini, OS X El Capitan 10.11.3; Apple Watch, 38 mm silver AL, Watch OS 2.1; iPad Air 2 & iPhone 6+, iOS 9.3

Reply
User profile for user: tolangston
tolangston Author
User level: Level 1
8 points

Mar 9, 2016 2:00 PM in response to Dah•veed

Thanks for your response. I hope you are correct. The problem started after I was in my yahoo mail and went to a Facebook message from a friend. The blue screen popped up soon after opening that message which turned out to be from "MagicCoupon" (Spam). Within that blue screen was a pop up that required a response (only option was ok) before anything else would work. After checking ok, the recorded message started but I still could not move from that page. After a shut down and restart I was taken back to the same blue screen. Force quit Safari did not work. Only Safari was locked up. I launched Firefox and was able to get around normally. I was unable to use Safari until I deleted current backups and restored to an earlier date. My concern is that I don't have some malicious software waiting to attack my system.

Reply
User profile for user: Dah•veed
Dah•veed
User level: Level 9
66,727 points

Mar 9, 2016 2:40 PM in response to tolangston

It sounds like your friend's account has been hacked by someone and they are sending these fake emails to the friend's contact list to capture folk's browser with this website. I have experienced this as well in the past. Sometimes it takes two or three times force quitting Safari (or whichever browser is configured to be your default browser) before the app catches on and doesn't reopen the pages that were open when it was forced to quit.


Have you alerted your friend that their account may have been hacked? Sometimes they are completely unaware that their friends are being highjacked by fake emails supposedly from them.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Anyone else hacked with Ransomware on Safari?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up