Yesterday's iOS 10.3 Update Bring Safari Ransomware Campaign to an End

[Solarquest]

iOS 10.3, released yesterday, has thwarted a screen-locking ransomware campaign that used a bug in mobile Safari to lock users' browsers and demand a ransom paid in iTunes pre-paid gift cards.

This ransomware campaign was first spotted by mobile security firm Lookout last month after one of its clients had his Safari browser locked and unable to use it.

Crooks using old iOS exploit shared on Russian site
Lookout experts analyzed the threat and discovered that crooks behind this new campaign were using an older iOS exploit shared on a Russian website.

According to Lookout, this exploit affected all iOS versions from iOS 8 to the current iOS 10.2. The exploit leveraged a bug in how mobile Safari showed popup notifications, effectively blocking the user's access to the browser through an endless loop of popups.

Crooks discovered that if they attempted to load a non-existent local URL, mobile Safari would enter an infinite loop, showing a popup that read "Cannot open page."

Crooks tried scaring users into paying
....

 

[oneeye]

Ios 10.3 supposedly fixed this issue, but IMHO it's not much of a fix, if a pop-up can block a tab, and you have to close the tab to end it! Here is the last part of article linked above:

With the release of iOS 10.3, Apple has now fixed this issue by changing how Safari handles popups. Starting with iOS 10.3, popups will only block the current tab, not the entire browser, allowing users to close the tab and continue using the browser.

 

[jamescv7]

One thing which can be very simple is to integrate third party protection built in from that browser so that any access to the fraudulent/malicious website is blocked.

In that case, certain complications will be reduce.