It’s a security myth that needs to die: if you have a Mac, you’re safe. The argument is that there aren’t as many viruses out there for OS X, so you don’t need to worry about anything; security threats, this line of thinking goes, are a Windows problem.
This is less true now than ever before, but even so: security isn’t just about the operating system you use. Security is about knowledge. Knowing how to tell if your Mac has a virus and how to beat ransomware is the best defence you can have.
The FBI Ransomware that affected Mac users a couple years ago is a great example of this. Here’s a piece of “ransomware” that didn’t infect your computer, at all, yet convinced people to pay up.
Here’s the scenario. You’re browsing the web, minding you’re own business, when you click a link. Maybe you accidentally clicked an ad; maybe you were trying to find a free movie or TV show. Whatever you did, you somehow ended up here:
Oh no! It’s the FBI! They’ve apparently been monitoring your web traffic, and they know about the copyright violations you’ve been committing – watching all those pirated movies and TV shows!
Except, you know this is nonsense – right? So you try to close the tab. That’s when things get…annoying.
Try to close the tab, or your browser, as many times as you want – you’ll always see this popup. Force quit your browser, then restart it, and you’re right back where you started. It’s maddening!
Yes, but it’s also not malware. Google “FBI Ransomware Mac” and you’ll find all kinds of articles claiming this was a “virus”, but it wasn’t. To quote The Safe Mac’s Thomas Reed:
That’s right: this is running entirely in your browser – there’s no infection. You can actually see the few lines of code that make this possible on the Malwarebytes blog. Knowing how persistent this bit of script is, you can see how some people might think it’s a virus – or how someone with very little knowledge might think it’s actually the FBI.
Some people paid up, but obviously they shouldn’t have.
If you think you’re facing a reincarnation of this ransomware, antivirus software won’t help you (again, there’s no virus). Happily, the fix is pretty simple: you just need to force quit your browser, then start it again without restoring your tabs.
Restarting Safari Cleanly
Click the Apple logo at top-left, then click Force Quit.
Find and select Safari in the box that pops up, then click the Force Quit button.
This should shut down Safari without the FBI nag popping up. If you try to start Safari after doing this, the tab will restore and you’ll be back where you started – happily there’s a workaround. When starting Safari, hold the Shift key – this will start Safari without restoring your tabs.
Restarting Chrome Cleanly
As with Safari, click the Apple logo at top-left and then Force Quit. Select Chrome, then click the Force Quit button. Start Chrome again, and you should see this:
Don’t restore your previous session, and you should be fine.
Restarting Firefox Cleanly
Firefox is a little trickier. Head to Firefox’s Preferences, then change the When Firefox Starts setting.
Force Quit Firefox, then restart it, and you should see a blank browser.
If All Else Fails, Try CCleaner
Maybe the above steps didn’t work for you. If so, you might need to empty your browser’s cache and history. There’s a full version of CCleaner for the Mac, and it’s great for wiping all the information saved by your browser. If none of the above methods work, force quit your browser and then clean out everything using CCleaner.
Download CCleaner for Mac (it’s free), then run it. Your browser should be clean afterwards.
Stay Informed; Stay Safe
Again: this particular piece of ransomware wasn’t a virus, but it tricked people into paying up. Security software is helpful, but to really avoid falling for tricks like this you need knowledge. Understanding how these tricks work keeps you secure, so read our guide to ransomware and other threats for a brief overview.
To keep up with Mac security news, I recommend subscribing to The Safe Mac in addition to our own security section. If there’s a thread out there to Mac users, you’ll read about it quickly between our two sites. If you know any other resources to check out, please: share them in the comments below. Also feel free to let us know about any other pieces of Mac ransomware that pop up.
(Images of ransomware via Malwarebytes)