Deutsch English Français Italiano |
<l5jvq8Fj8sdU1@mid.individual.net> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!2.eu.feeder.erje.net!feeder.erje.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail From: Jolly Roger <jollyroger@pobox.com> Newsgroups: misc.phone.mobile.iphone Subject: Re: Are iPhones subject to ransomware attacks? Date: 15 Mar 2024 22:18:48 GMT Organization: People for the Ethical Treatment of Pirates Lines: 96 Message-ID: <l5jvq8Fj8sdU1@mid.individual.net> References: <ut26gf$2e534$1@dont-email.me> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Trace: individual.net o5RyJ/T54OqQ/kAulcfwmw6ON7pySgTRJ7c1lpMg4DUY2jnGhS Cancel-Lock: sha1:I+m5AVSntoMdfZ4S9W+L6ROh1Gk= sha256:2PhRV2Lon1LMQUTn0gMnn43ziFtZHsBtf4w3AVPT7jI= Mail-Copies-To: nobody X-Face: _.g>n!a$f3/H3jA]>9pN55*5<`}Tud57>1<n@LQ!aZ7vLO_nWbK~@T'XIS0,oAJcU.qLM dk/j8Udo?O"o9B9Jyx+ez2:B<nx(k3EdHnTvB]'eoVaR495,Rv~/vPa[e^JI+^h5Zk*i`Q;ezqDW< ZFs6kmAJWZjOH\8[$$7jm,Ogw3C_%QM'|H6nygNGhhl+@}n30Nz(^vWo@h>Y%b|b-Y~()~\t,LZ3e up1/bO{=-) User-Agent: slrn/1.0.3 (Darwin) Bytes: 5459 On 2024-03-15, <bp@www.zefox.net> <bp@www.zefox.net> wrote: > > A neighbor asked me for help with an iMac that had fallen victim to > a ransmomware attack ("this computer has been locked, call the number > below...."). To be successfully attacked by malware, a Mac user must interactively download the malware to their computer, interactively launch it from their ~/Downloads folder, and interactively enter administrator credentials when prompted. If your neighbor didn't do all of that, then they probably aren't actually infected. A website displaying a message saying your are infected doesn't mean you actually are - it's more likely just an ad pop-up message trying to trick you into downloading some piece of software that actually *is* malware - a very common thing on shady websites. Your neighbor probably isn't running an ad blocker (like 1Blocker, or AdGuard) which would have prevented them from seeing this scam while visiting the offending website in the first place. To verify there is no malware installed, have them download MalwareBytes (the free version is all they need) and run it. It will tell them if it finds anything nefarious installed. They should also learn from this experience and change their behavior accordingly: As long as you use *safe computing practices*, you really don't need to worry much about Mac malware. Here are some common sense safe computing practices everyone should follow: - always install security updates in a timely manner after they are released - always run an ad blocker (like 1Blocker, AdGuard, or AdBlock Plus) in your web browser so that you won't see distracting advertising as well as unsolicited pop-up windows that claim you are somehow "infected” or "missing some video software" and therefore need to download and install some piece of untrusted software on your computer to fix some supposed "problem” they supposedly "detected" - and if you do still see these, don't fall for them as they are obvious scams - always refrain from downloading and installing software from untrusted sources - instead go directly to the software maker's website or to the official App Store > I'm left wondering if iPhones are subject to similar attacks, since > they offer most of the services found on desktop computers including > browsers. You are nowhere near as likely to fall victim to such malware on iPhones due to the enhanced security protections on them. While a Mac is considered a general computing device, an iPhone is much more locked down due to it being more of an appliance. As such, all apps on iOS devices are sandboxed which means they cannot access the file system outside of their own app sandbox, or data in other apps, or system data, or even things like the camera or microphone without getting explicit permission from the operating system and the owner of the device. This means there is no way for a so-called antivirus program to scan for malware. It also means there is no way for malware to access other apps or the system. And that means there is no need for antivirus utilities in the first place. So-called “antivirus” and “security” apps for iPhone don’t actually scan the device for malware — instead, they try to convince you to purchase additional and unrelated software and services like VPNs. It’s best to avoid these apps, as they are essentially worthless. > The subject computer was reasonably up-to-date and only a couple years > old. The hijack was during an attempt to connect to MapQuest using the > Safari browser. What your neighbor saw was probably just a nefarious "ad" displayed by the website. That "ad" was trying to trick them into downloading malware. This is very common, and an ad blocker will remove such annoyances. > The screen seemed locked and I didn't know how to recover control. It was probably just a web browser window that was full screen. Force quitting the browser would fix that situation. And certainly force shutting down the computer by holding down the power button for 10 seconds would do the trick. > Thanks for reading, and apologies if this is a dumb question! Nah! -- E-mail sent to this address may be devoured by my ravenous SPAM filter. I often ignore posts from Google. Use a real news client instead. JR