
Got Crypto Locker/Ransomware on your Mac?

I was simply looking for answers/questions to common healthcare interview questions. This one page took a bit to load, when a white page came up with a red field behind it. I had already done a lot of research on these types of viruses and had one friend who had it on his Windows machine, but never thought about it on the Mac. It was not possible to help him with most of his files, but the virus was removed.

My ransomware page had an FBI logo on the left corner, a field with my location and IP address, and statements about copyright and related rights, and illegal access from something. You can try quitting out of Safari, but a popup will block you from doing so. Forcing Safari to quit, or shutting your computer down manually, are two ways to close out of it.

To get this virus popup while doing such a simple search kind of worries me...I wasn't really thinking about viruses when looking for interview questions.

Getting a little freaked out, the first thing I did was unplug the ethernet from my Mac Pro, and disconnected the power cable (without worrying about turning it off properly), both at about the same time. Haven't really practiced this stuff, so I was just going on instinct I guess.
Then, I ran downstairs to unplug the network stuff. These ransomware viruses can actually travel from one device onto another if they share the same network.
I went back upstairs and took out 3 HDDs (BootCamp, TimeMachine, and Data files) and left in only the OS SSD.
Held the power button on for 15 seconds just for fun.
Turned the MP back on with the ethernet unplugged and network still off (just in case the wifi was on).
When you open up Safari, it might want to automatically take you back to the last website visited, which should be the ransomware's site, and since you have no network connection, it can't force popups on you. From here, you have to reset Safari. Might as well do everything just to be safe, is my motto.
Note: All this can be done with the computer connected to the internet, but doing it with no connection does not allow any interaction between the site and other devices you might have.

According to some further research, these viruses do not yet have any true sticking abilities on the Mac, thankfully. It can't embed itself and encrypt files the way it can on Windows machines. What it does prey on is that people will get freaked when they can't quit out of Safari, and see that it keeps going back to that site, enough that they will pay the ransom... when in reality, it's the lazy virus attempt on a Mac. It's no joke on a Windows machine, though.

Now I have something fun to tell during the interview. Wish me luck!
 

vansmith

This might be an interesting read if you want to learn about something that's truly scary. What's worth noting here about this one - OS X succumbed to this one just as badly as others. In fact, it even rooted itself in an OpenBSD install and if it can do it there, well, it's safe to say that this malware is pretty pernicious (for those that don't know, OpenBSD's primary focus is security and it has a reputation for being one of the most secure operating systems in use).
 
