{"id":18477,"date":"2013-09-26T11:46:03","date_gmt":"2013-09-26T18:46:03","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=18477"},"modified":"2015-03-26T13:16:22","modified_gmt":"2015-03-26T20:16:22","slug":"new-ransomware-prank-affects-chrome-safari-browsers","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/new-ransomware-prank-affects-chrome-safari-browsers\/","title":{"rendered":"New Ransomware Prank Affects Chrome, Safari Browsers"},"content":{"rendered":"

\"FBI-Ransomware\"<\/a><\/p>\n

Last July<\/a>, a ransomware prank was found making the rounds on Safari browsers, which tied up the browser window with excessive pop-ups purporting to be from the FBI, demanding users send $300 to have their browser unlocked. The ransomware\u00a0wasn’t harmful to the user\u2019s system, and it could be easily bypassed. Well, we’re seeing yet another round of this irritating prank, and this time it affects Chrome and Safari browsers.<\/p>\n

There’s a couple ways to kill this prank from each of the affected web browsers.<\/p>\n

Google Chrome<\/h3>\n

If you see this in the Google Chrome browser, following are instruction for two ways to clear this threat from Chrome:<\/p>\n

1. Create a new cache directory in Terminal<\/strong><\/p>\n

Launch Chrome with a new cache directory by typing a Terminal command:<\/p>\n

\/Applications\/Google\\ Chrome.app\/Contents\/MacOS\/Google\\ Chrome –disk-cache-dir=\/tmp<\/p>\n

After this, quit Chrome then delete the files in this folder:<\/p>\n

~\/Library\/Caches\/Google\/Chrome\/Default\/<\/p>\n

2.\u00a0Clear related data in Chrome<\/strong><\/p>\n

You can type in the URL:<\/p>\n

chrome:\/\/settings\/clearBrowserData<\/p>\n

Then, clear any data that appears to be related to this prank.<\/p>\n

Safari<\/h3>\n

If you see this in the Safari browser, following are instructions for two ways to clear this threat from Safari:<\/p>\n

1. Reset Safari<\/strong><\/p>\n

In the Safari menu, choose \u201cReset Safari.\u201d The browser will restart without bringing up the problematic site. It will, however, erase a lot of other historical, saved data.<\/p>\n

\"Reset<\/a><\/p>\n

2. Force Quit + Hold Shift Key While Restarting Safari<\/strong><\/p>\n

The other tactic simply targets the function that resumes open windows after a crash, which can be done by holding the Shift key while starting Safari.<\/p>\n

First you will need to force-quit Safari as you would expect, either by going to the Apple menu and choosing \u201cForce Quit\u201d and choosing to quit Safari, or by using the keyboard-combination Command + Option + Escape to bring up the same window.<\/p>\n

The second step is to hold the Shift key while restarting Safari, which restarts the browser without restarting any previously open windows.<\/p>\n

We also encourage anyone who encounters ransomware to send the files to\u00a0sample@virusbarrier.com<\/a>\u00a0for further analysis.<\/p>\n

All this highlights the fact that a multi-layered approach to security is the best method to protect\u00a0your digital life from the bad guys.\u00a0Intego offers powerful Mac antivirus and security software that works together to create layers of security<\/a>. This tactic\u00a0makes your machine a less profitable (and therefore less desirable) target for cybercriminals.\u00a0So keep your Mac safe with advanced Mac security solutions such as Intego Mac Premium Bundle<\/a>, which protects from malware, network attacks, web threats, spyware, and more.<\/p>\n

Update:<\/strong>\u00a0The process for resetting Safari has changed with OS X Yosemite. Curiously, Apple has actually made this process a lot more difficult than it used to be. There are now three different areas inside Safari for removing certain information.<\/p>\n

To reset Safari in OS X Yosemite, follow these steps:<\/p>\n

In the Safari menu, choose “Clear History and Website Data,” and a Privacy preferences window will open.<\/p>\n

\"Safari<\/a><\/p>\n

Click the “Remove All Website Data” button from Privacy preferences, and it will ask you if you are sure you want to remove all data stored by websites on your computer.<\/p>\n

\"Remove<\/a><\/p>\n

\"Safari<\/a><\/p>\n

Select “Remove Now” to clear data that could be used to track your browsing. Next, you’ll want to clear caches. To do so, you now\u00a0have to enable Develop mode to clear Safari cache. Here’s how to clear Safari cache:<\/p>\n