Posted on 08/28/2016 1:50:52 PM PDT by Swordmaker
My girlfriend opened her iPad this morning and was presented with a pop-up requestor that stated "It's time to change your iPhone/iPad passcode." with a CONTINUE button.
Apple NEVER requires users to change their device passcode. This was an attempt by some bad actor to gain access to her iPad for a nefarious reason.
This took her to another requestor that had three entry boxes. Two were for a new passcode, and a check of the new passcode, and the third was to enter your current passcode. One could NOT make this go away, nor could the home button bring up the means to quit any application that was running. On a quick restart, the same requestor popped back up with no way to continue. Attempting to start Settings was fruitless as long as this requestor was on the home screen.
Solution:
The problem is a Safari pop-up requestor script. This apparently will report the results of whatever you input, including your current and new passcode to the malware server.
Force a restart by holding down the power button and the home button for at least fifteen seconds. Do not restart immediately, but wait at least another fifteen seconds. Then restart. As soon as you restart, start settings and then, on the left, five boxes down, tap on the Safari tab for the options. Then, on the right, four boxes down, Clear History and Website Data.
Unfortunately, that will clear all cookies, and anything you have for passwords for your websites, but it will get rid of the script that is blocking access to your iPad/iPhone when you go back into Safari. You will have to re-enter those data you need to automatically enter those websites you visit on a regular basis.
You could also go to Safari settings and turn off JavaScript. That might help. Also make sure that block popups is turned on. I usually block 3rd party cookies too.
Thanks SM
Drudge and others are putting out "complaint" signs for users with adblock to ask them to whitelist.
I backup, to my iMac, using iTunes, every week, for every mobile device using the USB / Lightning connector. If the malicious Java Script comes after the most recent backup, would this not have been fixed by restoring?
My wife didn’t know how to shut down programs running in the background or how to clear web data until I showed her. I imagine there are a lot of people that don’t and who rarely do a restart either.
My sons didn’t. :-)
It would, but unnecessary in this instance. The issue was not actually on the iPad or iPhone but rather on a website. The solution is to get Safari off the website.
Bookmark
Once again, ein Dankeschön to you, Swordmaker.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.