If your iPhone or iPad (iOS) device is locked, and you are seeing a “ATTENTION! Your phone has been blocked up for safety reasons” notification from a law enforcement agency (FBI, Australian Federal Police, Metropolitan Police, U.S. Department of Justice) asking you to pay a fine via GreenDot MoneyPak, Ukash or Paysafecard code, then your iPhone or iPad has stumbled upon a malicious web page.
The malicious website will lock you out of your Safari web browser, so whenever you’ll try to navigate to a webpage, it will display instead a lock screen asking you to pay a non-existing fine of $300 in the form of an MoneyPak, Ukash, Paysafecard or MoneyGram Xpress voucher. The malware’s authors prefer these payment services because transactions made through them cannot be reversed and are hard to trace.
Furthermore, the malicious website will claim that all your file are encrypted. The good news is that this website doesn’t scramble any of your data or exfiltrate audio and video as it claims; it merely locks your phone with a popover browser window that quickly reappears if you try to get clear of it.
Is my iPhone or iPad phone infected with the Police or FBI virus?
If your computer is infected with the iPhone or iPad phone virus, this infection will display a localized webpage that covers the Safari web browser screen and demands payment for the supposed possession of illicit material.
Cyber criminals often updated the design of this lock screen, however you should always keep in mind that the Federal Bureau of Investigation or any other police agency will never lock down your iPhone or iPad phone.
The message displayed by this ransomware infection can be localized depending on the user’s location, with text written in the appropriate language:
ATTENTION! Your phone has been blocked up for safety reasons listed below.
All the actions performed on this phone are fixed.
All your files are encrypted.
CONDUCTED AUDIO AND VIDEO.
You are accused of viewing/storage and/or dissemination of banned pornography (child pornography/zoophilia/rape etc.) You have violated World Declaration on non-proliferation of child pornography. You are accused of committing the crime envisaged by Article 161 of United Stated of America criminal law.
Article 161 of United States of America criminal law provides for the punishment of deprivation of liberty for terms from 5 to 11 years.
Also, you are suspected of violation of “Copyright and Related rights Law” (downloading pof pirated music, video warez) and of use and/or dissemination of copyrighted content. Thus, you are suspected of violation of Article 148 of United States of America criminal law.
Article 148 of United States of America criminal law provides for the punishment of deprivation of liberty for terms from 3 to 7 years or 150 to 550 basic amounts fine.
It was from your phone, that unauthorized access had been stolen information of State importance and to data closed for public Internet access.[…]
The penalty set must be paid in course of 48 hours as of the breach. On expiration of the term, 48 hours that follow will be used for automatic collection of data on yourself and your misconduct, and criminal case will be opened against you.
Amount of fine is 300$. You can settle the fine with MoneyPak xpress Packed vouchers.
As soon as the money arrives to Treasury account, you phone will be unblocked and all information will be decrypted in course of 24 hours.
This FBI or Police notification is a scam, and you should ignore any alerts that this malicious website might generate.
Under no circumstance should you send an $300 MoneyPak or MoneyGram Xpress voucher to these cyber criminals, and if you have, you can should request a refund, stating that you are the victim of a computer virus and scam.
How to remove Police or FBI virus from iPhone or iPad (Removal Guide)
- Launch the Settings app from the Home screen of your iPhone or iPad.
- Scroll down and tap on Safari
- Now scroll all the way to the bottom and tap on Advanced.
- Tap on Website Data.
- Scroll to the bottom again and tap on Remove All Website Data.
- Confirm one more time you’d like to delete all data.