New Apple iOS 10.3 Fixes Ransomware Flaw in Mobile Safari

Surfsafe® Pakistan – Officials Launch A Portal For Reporting Online Extremist Content
March 26, 2017
India Blames Pakistani Hackers For Latest IRS Website Hack
March 30, 2017

New Apple iOS 10.3 Fixes Ransomware Flaw in Mobile Safari

 

ios 10.3

Apple released  iOS 10.3 earlier today and included in it were a host of new features. As usual, however, there are a number of under-the-hood changes as well. Tier3 found out that iOS 10.3 fixes a bug that in Safari allowed for scammers to trick  install ransomware and force users into paying fees.

The report explains that the flaw allowed ransomware scammers to display popup windows in a sort of endless cycle. The user would end up on an attacker website that posed as a law enforcement site informing them that they had to pay a fine for some sort of illegal action. In most cases, this ransomware targeted users viewing pornography or attempting to illegally download music or other content.

Researchers from Lookout describe how hackers were able to capture users and trick them into paying the ransom fee. Essentially, the hackers would prevent users from accessing any function of Safari until the ransom fee had been paid.

The scammers abused the handling of pop-up dialogs in Mobile Safari in such a way that it would lock out a victim from using the browser. The attack would block use of the Safari browser on iOS until the victim pays the attacker money in the form of an iTunes Gift Card. During the lockout, the attackers displayed threatening messaging in an attempt to scare and coerce victims into paying.

The flaw was first discovered when a user was led to the website pay-police dot com and thereby lost control of Safari. The screenshot above shows how the user ended up on the site and the endless cycle of popups that they experienced.

Users could fix the issue by clearing their browsing history and cache, but with iOS 10.3 Upgrade, the flaw has been fixed entirely and thus users should no longer get trapped in the endless cycle of JavaScript popups.

The hackers abused the handling of pop-ups in Mobile Safari in such a way that a person would be “locked” out from using Safari unless they paid a fee — or knew they could simply clear Safari’s cache.

Leave a Reply