iPhone users urged to download latest iOS update to protect against ransomware scam

0

iPhone users are being urged to install the latest iOS update in order to avoid being hit by a new ransomware scam.

The flaw in iOS allows hackers to take control of the Safari web browser before demanding a ransom from the victim.

The flaw created a pop up window that claimed the user had been illegally downloading music or porn and demanded payment of £100 in iTunes credit.

One of the fake pop ups was even made to look like it had come from an official Metropolitan Police website, while a similar page included the logos of Interpol, which claimed the web browser had been locked and would only be unlocked if a payment was made.

lookout

The flaw then created a non stop loop of pop ups that read “cannot open page” and took over Safari, locking the user out of the web browser.

However, Apple has now fixed the flaw in the latest iOS update, iOS 10.3, which was released earlier this week.

The flaw was discovered by online security firm Lookout, who only disclosed it after Apple released its update.

Explaining how the flaw worked, Lookout said: “The scammers abused the handling of pop-up dialogs in Mobile Safari in such a way that it would lock out a victim from using the browser.”

“The attack would block use of the Safari browser on iOS until the victim pays the attacker money in the form of an iTunes Gift Card.

“During the lockout, the attackers displayed threatening messaging in an attempt to scare and coerce victims into paying.

“Its purpose is to scare the victim into paying to unlock the browser before he realizes he doesn’t have to pay the ransom to recover data or access the browser.

“Lookout found this attack in the wild last month, along with several related websites used in the campaign, discovered the root cause, and shared the details with Apple.”

If you haven’t already done so, you can update your iPhone to iOS 10.3 by going to Settings > General > Software Update.

Share.

Comments are closed.