iOS 10.3 update closes loophole scammers use to lock up Safari

If you haven't updated to iOS 10.3 yet, you really, really should.
0
iOS 10.3 update closes loophole scammers use to lock up Safari

Apple’s update to iOS 10.3 closed a loophole that’s been present in the OS for at least a couple of years that allowed malicious code to lock up the Safari browser and demand payment to restore access.

According to security company Lookout, the vulnerability is being actively exploited on devices not running the latest version of iOS, but before you go reaching for your wallet, there’s no need to actually pay to fix the problem. Instead, just clear all your browsing data and app cache, and the problem should be resolved.

The problem is triggered when visiting a domain with the malicious JavaScript that triggers a pop-up loop, and while you wouldn’t do that deliberately, personal blogs are frequently compromised by scammers as a way to distribute malware.

Part of the scam message that appears on an infected page, according to screenshots sent to Lookout Security.

iOS 10.3 gets around the issue by dealing with each individual tab in Safari separately, so if one is causing you problems, you should be able to close it without affecting the rest of your open pages.

While Android users are more frequently targeted by scammers and malware, the sheer size of the iPhone user base means it remains an attractive target. In this instance, there’s no ‘payload’ beyond the fear instilled in the user – there’s no malicious files being download, luckily.

Affiliate Disclosure
Some articles contain affiliate links that allow us to earn money if you decide to purchase any of these products or services. This does not cost you any extra money, and it allows us to continue to run this website. Affiliate links have no relation to review ratings or other editorial coverage. You can read the full policy here.

Ben

Ben

I started this site and keep it running. Tech. Sex. The future. SEXTECHGUIDE is a place to look a bit closer at that the place where those things meet. You can find my work before SEXTECHGUIDE on WIRED, TrustedReviews, The Inquirer, V3, The Next Web and many more sites. If you want to get in contact, please get in touch using the contact form

Be the first to leave a comment

Leave a reply

SEXTECHGUIDE
Logo