As posted on Apple fixes bug that exposed Safari users to money-hungry hackers
Attention iOS users: If you haven’t already updated your device(s) to iOS 10.3, do it ASAP.
While iOS 10.3 doesn’t come with any major new features outside of Find My AirPods, it does include one major patch for a scary Safari exploit.
According to Lookout, which discovered the security hole and reported it to Apple, the bug allowed scammers to “execute a scareware campaign” by using pop-ups within the Safari web browser.
In a nutshell, the attackers used the hole to bombard victims with pop-ups and render Safari unusable unless a ransom fee in the form of an iTunes gift card is paid.
“During the lockout, the attackers displayed threatening messaging in an attempt to scare and coerce victims into paying,” according to Lookout.
While Lookout outlines a way to clear Safari’s cache and make it functional again, it says the goal of the threatening message is mainly to “scare the victim into paying to unlock the browser before he realizes he doesn’t have to pay the ransom to recover data or access the browser.”
The security patch is yet another reminder that no matter how protected a platform is, no platform is truly secure. The lesson here, then? Go update your iOS device, you lazy butt.
Always update your phone to the newest version. Always.