Yer Money or Yer Life!

Posted by: Celandine

Yer Money or Yer Life! - 11/02/13 02:19 PM

I was just made aware of a bit of "RANSOMWARE"**
Making the rounds (via e-mail) I'm afraid to
click on any of the Sites that PROMISE To Remove
such things to get the Down 'N' Dirty but I
figured I'd give a Heads-Up just in case.

Running my eyes over Google lines... it seems
to have been making the rounds since Mid-October
and who-ever is putting it out requests $300.00
for the unlucky computer owner to regain the
use of his/her computer. smirk

Ted saw it on the News, and warned me about it..
..does anyone know any more about it?
..and are Apple Products vulnerable to this strain?
Posted by: Pirate

Re: Yer Money or Yer Life! - 11/02/13 08:26 PM

About this time last year I got the FBI ransomware on one of my computers ..took for ever to get it off so I could use it again, same thing wanted three hundred to turn my computer back over to me..this sounds like the same thing
Posted by: Celandine

Re: Yer Money or Yer Life! - 11/03/13 10:57 PM

ken anybody give more info on this, please?
Posted by: KateSorensen

Re: Yer Money or Yer Life! - 11/03/13 11:56 PM


This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an attacker who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.


OS X versions 10.6.7 and later have built-in detection of known Mac malware in downloaded files. The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders. In most cases, there’s no benefit from any other automated protection against malware.

The most effective defense against malware attacks is your own intelligence. All known malware on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of trojans, which can only work if the victim is duped into running them. If you're smarter than the malware attacker thinks you are, you won't be duped. That means, primarily, that you never install software from an untrustworthy source. How do you know a source is untrustworthy?

Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown one, is untrustworthy.

A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. [Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.]

“Cracked” copies of commercial software downloaded from a bittorrent are likely to be infected.

Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.

Java on the network (not to be confused with JavaScript, to which it's not related) is always a potential weak spot in the security of any operating system. If Java is not installed, don't install it unless you really need it. If it is installed, you should disable it (not JavaScript) in your web browsers. Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in OS X 10.5.8 or earlier, because Java in those obsolete versions has known security flaws that make it unsafe to use on the Internet. The flaws will never be fixed. Regardless of version, experience has shown that Java can never be fully trusted, even if no vulnerabilities are publicly known at the moment.

Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.

Never install any commercial "anti-virus" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.

And this from Tech Republic

click link

Posted by: Celandine

Re: Yer Money or Yer Life! - 11/04/13 12:24 AM

I'm unable to update any further than 10.5.8
Posted by: Reboot

Re: Yer Money or Yer Life! - 11/04/13 12:58 AM

Originally Posted By: Celandine

ken anybody give more info on this, please?

I've removed a few FBI ransom ware over the last 3 years or so, all Windows, although they were all total infections not just JavaScript in web pages.

I have never seen a Mac ransomeware that infects and is a real virus, but here is a relative. The JavaScript variation in Mac is not invasive like the Windows virus version, which actually installs files, and requires a full virus scan to even be able to use the computer as it takes over the screen. A lot of times manual removal of files along with the automatic is needed.

The look of the "give us money window" on the Mac is the same, but all it does on a Mac is get Safari (Chrome too) stuck in a loop after clicking on a link with an embedded JavaScript. The only way out other than paying them is Force Quit Safari. The next time you open Safari it re-opens the closed windows from the last session though, and you're back in the dialog box loop again.

Short Story. Force Quit Safari, hold the Shift key down while reopening it to make it load only your home page and not the page with the bad JavaScript. That link explains what happens in more detail, but their recommendation of resetting all of Safari is overkill.

From what I understand in Windows the same JavaScript will run and gets browsers stuck like in Safari, and you have to do some kind trick like Safari, although the Windows JavaScript version doesn't take the whole computer over requiring disinfection like the virus version, I think. You can Force Quit the browser and still use the computer.

My guess is this has been around a while, and if not already a fix will be in from Apple in some security patch.
Posted by: Celandine

Re: Yer Money or Yer Life! - 11/04/13 03:24 AM

Thank You for the reply.