NSA Virus scam and new Safari vulnerabilities in OS X Yosemite (OS X 10.10)
Last update: July 5 2015.
I just installed Safari version 8.0.2 and I noticed a dangerous vulnerability.
While I was browsing, a pop-up window suddenly appeared on my screen, warning that my computer had been locked based on the prism surveillance program and I should pay a $300 fine to unlock it.
I forcibly quit Safari, making sure not to click any of the links in the webpage, and deleted all my browser cache.
After Googling, I found out this is a virus scam called NSA Virus that infects Windows systems with malware but can also attack OS X systems and mobile devices. Apparently it doesn't really harm OS X systems. In this case, it works as a psychological scam because it causes Safari or other browsers to hang and be unresponsive, which can make the least computer literate users panic and fall for it. If you don't click any link in the page, you shouldn't be infected. This risk is higher for Windows system, because in this case it's easier for an attacker to run executable code by using JavaScript.
I scanned my system with both Bitdefender Antivirus for Mac and AdwareMedic but nothing was found.
However, this led me to find out a dangerous Safari vulnerability in Yosemite.
In fact, until Safari 7 version, it was possible to reset Apple's browser to its default settings from Safari/Reset Safari.
The newest version has totally removed this option and now, in case of hijacking (which happened to some OS X user, as a consequence of this malware), there's no way to directly reset the browser.
The current version allows only to remove the browsing data, which doesn't offer a solution to this problem.
Update 01/27/2015: I found a workaround for this problem:
7/5/2015 Update: I've recently updated OS X to the 10.10.4 version, but the above problems seem still unsolved. The Reset option hasn't been re-introduced yet, which makes me hold the above considerations still valid.
Comments
Post a Comment