Skip to main content

iOS 10.3 fixes security hole that allowed hackers to take control of Safari & demand ransom fee

Apple released iOS 10.3 earlier today and included in it were a host of new features. As usual, however, there are a number of under-the-hood changes as well. Arstechnica notes that iOS 10.3 fixes a bug that in Safari allowed for scammers to trick users into paying fees.

The report explains that the flaw allowed ransomware scammers to display popup windows in a sort of endless cycle. The user would end up on an attacker website that posed as a law enforcement site informing them that they had to pay a fine for some sort of illegal action. In most cases, Arstechnica says the ransomware targeted users viewing pornography or attempting to illegally download music or other content.

Researchers from Lookout describe how hackers were able to capture users and trick them into paying the ransom fee. Essentially, the hackers would prevent users from accessing any function of Safari until the ransom fee had been paid.

The scammers abused the handling of pop-up dialogs in Mobile Safari in such a way that it would lock out a victim from using the browser. The attack would block use of the Safari browser on iOS until the victim pays the attacker money in the form of an iTunes Gift Card. During the lockout, the attackers displayed threatening messaging in an attempt to scare and coerce victims into paying.

The flaw was first discovered when a user was led to the website pay-police dot com and thereby lost control of Safari. The screenshot above shows how the user ended up on the site and the endless cycle of popups that they experienced.

Users could fix the issue by clearing their browsing history and cache, but with iOS 10.3, the flaw has been fixed entirely and thus users should no longer get trapped in the endless cycle of JavaScript popups.

The scammers abused the handling of pop-ups in Mobile Safari in such a way that a person would be “locked” out from using Safari unless they paid a fee — or knew they could simply clear Safari’s cache.

A detailed explanation of the issue can be read on the Lookout blog.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Chance Miller Chance Miller

Chance is the editor-in-chief of 9to5Mac, overseeing the entire site’s operations. He also hosts the 9to5Mac Daily and 9to5Mac Happy Hour podcasts.

You can send tips, questions, and typos to chance@9to5mac.com.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications