Skip to comments.(Vanity): New iPad, iPhone Safari phishing lockup and how to get out of it.
Posted on 08/28/2016 1:50:52 PM PDT by Swordmaker
My girlfriend opened her iPad this morning and was presented with a pop-up requestor that stated "It's time to change your iPhone/iPad passcode." with a CONTINUE button.
Apple NEVER requires users to change their device passcode. This was an attempt by some bad actor to gain access to her iPad for a nefarious reason.
This took her to another requestor that had three entry boxes. Two were for a new passcode, and a check of the new passcode, and the third was to enter your current passcode. One could NOT make this go away, nor could the home button bring up the means to quit any application that was running. On a quick restart, the same requestor popped back up with no way to continue. Attempting to start Settings was fruitless as long as this requestor was on the home screen.
The problem is a Safari pop-up requestor script. This apparently will report the results of whatever you input, including your current and new passcode to the malware server.
Force a restart by holding down the power button and the home button for at least fifteen seconds. Do not restart immediately, but wait at least another fifteen seconds. Then restart. As soon as you restart, start settings and then, on the left, five boxes down, tap on the Safari tab for the options. Then, on the right, four boxes down, Clear History and Website Data.
Unfortunately, that will clear all cookies, and anything you have for passwords for your websites, but it will get rid of the script that is blocking access to your iPad/iPhone when you go back into Safari. You will have to re-enter those data you need to automatically enter those websites you visit on a regular basis.
The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.
If you want on or off the Mac Ping List, Freepmail me
Is there any way to run a trace to the source of the phishing code? Maybe send a similar problem their way?
All governments are pussys for not torturing the filth that releases this evil in public.
This sounds Siri-ous.........
Good to know before the need arises, thanks.
And seriously, there are others out there.
Also, you can get adblock plus for your mobile devices people !
Or update the software
Don't we wish. I always wondered why we couldn't go against the sponsors of spammers. . . the companies that benefited from the spammed advertising. I received spammed ads from major banks, automobile manufacturers, insurance companies, etc., but when I investigated about going after them for the waste of my time and bandwidth I was told they were not responsible, nor were their advertising agencies. I had to find the people actually sending the spam and sue them but usually they were not in jurisdictions where they were suable! It is ridiculous we cannot sue the people whose products are being touted in the spam! But that's the way the courts have ruled! If we could sue the advertisers, spam would stop the next day.
I was able to search for a solution on her iPad, and got the clear Safari instructions.
It came back the next day, and I did the clear Safari thing again, and also hit the advance settings website data clear.
Bump and thank you!
Bleach bit and other industrial/military strength erasure systems aren't recommended for Solid State drives for several reasons. First of all, solid state drives don't hold ghost data as easily as other magnetic memory does, and don't require multiple overwrites such applications provide. A single overwrite is more than sufficient to completely erase the data on an on/off digital memory. The iPhone's memory is so fast, it does that with its erase command. Unlike the data tables of a standard hard drive which just resets the memory map, the data is quickly overwritten with zeros. There is no ghost of what was there before that would require a multiple rewrite to be certain there is no remaining remnant of any magnetic hints. Secondly, even the best solid state drives have a limited number of read/write cycles and you really don't want to use them up needlessly doing unnecessary erasures of this type.
Apple has recently removed its "Secure" delete from its menu option for this reason because they don't need to work on SSDs they way users think they will. It is still available for mechanical, magnetic drives from the Terminal, though. I think Apple should have left it with the automatic option for the mechanical drives, testing which kind of drive the user was using.
You can get adblock, but more and more websites won't load with adblock activated because it impacts their revenue streams. I'm seeing about 15% complaining about adblockers.
Software is fully updated. This is just another Java script phishing expedition that takes advantage of normal programing available to every programer. It's the ethics of the developer that prevents it from being used wrongly. . . and the webmaster from allowing this on his/her/its website, or Google or other ad provider from allowing this crap on their ad rotation.
Maybe that happened to me last night and this morning. The screen wouldn’t respond to touch last evening.
I let the ipad shut down.
Tried this AM and again, would not respond to touchscreen.
Ipad waited for me to slide the arrow to the right but since no response, it just shut down.
Went online, instructed to press both those buttons.
It worked. Yea !
Should have mentioned, this is a Gen 2 ipad.
It’s possible that is a locked Java script problem as well. It’s also possible it is just a system lockup. Forcing a restart can solve both. The phishing expedition I describe above is more, because it won’t go away until you clear the script and the requestor which will keep popping up, so long as it is in the cache and Safari is running on a soft-start.
2 of my sons have had this issue lately. Told them to do what articke suggested. Worked.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.