Hackers have found a way to use some basic JavaScript code to trick unsuspecting Mac users into paying US$300 for surfing the Web. The threat tricks users into thinking they have been viewing or distributing pornographic content by hijacking Safari and displaying a warning that appears to come from the FBI.
The scam doesn't rely on system vulnerabilities, but instead loads a webpage that includes JavaScript code that loads 150 iframes to display the message over and over, according to Malwarebytes. When Safari users force quit the application, the iframes reload the next time the app is launched thanks to its built-in restore from crash feature.
Since the threatening warning is set to reload 150 times, victims are more likely to assume they really have been locked out of their Web browser and pay the ransom.