The FBI virus is a type of ransomware on Mac that threatens to delete your files if you don’t pay a fine. It comes in various forms and can be dangerous, but with the right precautions and good antivirus software, the attack is easy to avoid.
In this article, we’ll explain what the FBI virus is, how it might infect your Mac, and how to remove it.
In this article you will find the following:
Before we start:
You can quickly remove viruses and other threats from your Mac with MacKeeper Antivirus. With real-time protection, MacKeeper’s Antivirus monitors your machine for new attacks and blocks them before they can cause harm.
Here’s how to set it up:
- Download MacKeeper and install it on your Mac.
- Select Antivirus in the sidebar when MacKeeper opens.
- Click Scan to perform a complete system scan to identify cybersecurity threats.
- If any issues are found, click Delete to remove them.
What is FBI virus?
The FBI virus is ransomware on Mac that claims to lock your computer until you pay for its release. The virus usually displays a message that reads, “Your Computer Has Been Locked.” It states you must pay a fine for supposed copyright infringement or for accessing adult content.
Like other ransomware attacks, the FBI virus threatens to delete your files if the fine, which typically varies from $100 to $500, isn’t paid. It uses the Federal Bureau of Investigation's name and logo to appear legitimate and scare users into believing they’re in trouble.
It’s crucial to note that the FBI virus comes in many forms. Strains of Epubb, Gimemo, Reveton, Urausy, and other attacks have previously used the FBI name and logo to scam internet users into handing over money to save their files. So, if you’ve ever wondered, can Macs get viruses, the answer is yes.
No matter what form of virus you encounter, you mustn’t fall for it. Neither the FBI nor any other law enforcement agencies use software like this to distribute and collect fines, so concentrate on removing the virus and securing your Mac rather than paying the fake fine.
How FBI MoneyPak virus works
The FBI MoneyPak virus usually appears in your browser when you’re on the web. It creates an iframe loop that displays a bogus warning and prevents you from leaving the malicious website or closing your browser. It claims to lock your computer and files until you pay a fine to release them.
The fake webpage often claims that you violate copyright laws, have viewed prohibited adult content, or that someone has gained access to your computer without your knowledge. It also states that all your files are now under encryption and that you should not try to unlock your computer.
The primary aim of the FBI virus is to trick unsuspecting users into handing over money. After locking your computer—or at least making it appear like that’s the case—the fake FBI warning on Mac demands that you pay a fine to release your files. This is usually facilitated via a service like MoneyPak.
Most strains of the FBI virus on Mac aren’t very sophisticated like the MacStealer malware. Instead, they rely on inexperienced users believing that they have done something illegal and must pay to have their computers released. However, other ransomware attacks can lock your machine.
How FBI virus got on your Mac
If you’re experiencing FBI ransomware on Mac, you might be asking how it got there. These are the four primary ways through which the FBI virus can be caught:
1. Harmful emails
Like many cybersecurity threats, the FBI virus is commonly sent through harmful emails. You might find it attached as a file quietly installed in the background or hidden behind a malicious link. Attackers usually try to disguise the emails as genuine communications from the FBI or a trusted company.
The hope is that you will believe the email is genuine, download any attachments, or complete whatever steps are supposedly necessary. Once the software is running on your Mac, it will quickly lock down your system and block access to your files until it’s removed.
2. Suspicious or illegal software
Downloading unofficial software from untrusted sources may seem appealing at times—especially when it’s free—but it’s almost always a bad idea. Software like this, particularly when it’s pirated or “cracked,” is regularly filled with malware and viruses, like the FBI ransomware.
This software may seem innocent and even install and operate just like the real thing. However, as part of the installation process, malicious software is installed at the same time, and it won’t be long before it locks your system, starts stealing your data, or causes a plethora of other issues.
3. Pop-up windows
Pop-up windows, especially those that appear when you’re browsing suspicious websites, can contain links to viruses like the FBI ransomware. Clicking on these pop-ups, whether intentionally or accidentally, will cause the software to be downloaded and installed on your Mac.
With the FBI virus, pop-up windows may appear with the FBI logo and a scary, official-looking message that says your computer has been compromised or accuses you of illegal activity. They can also use iframe tricks to lock up your browser and prevent you from closing the page or navigating away from it.
4. Phishing URL
Hackers regularly use phishing URLs to steal information or send malicious software to unsuspecting Mac users. The links can appear in emails, text messages, online pop-ups and advertisements, and many other places. If you click one, it could instantly download the FBI virus to your computer.
It’s important to be aware of what suspicious phishing URLs look like, and the tricks attackers use to make them seem genuine at first glance. Because phishing links are so common online, spending some time learning how to protect yourself against cybercrime is vital if you use the internet regularly.
How to remove the FBI virus from your Mac
The first step to take when you suspect you have a computer virus is to check the Mac for malware and confirm what kind of threat you’re dealing with. If it is the FBI virus, then you can take the following steps for removal:
- Reset your browser settings to default settings
- Use Force Quit for your browser
- Turn off JavaScript in your browser
- Use antivirus software to delete the FBI virus from your Mac
1. Reset your browser settings to default settings
The FBI virus typically changes your browser settings to prevent you from using it normally. This ensures the fake FBI warning appears whenever you go online. Try resetting your browser to default settings to fix this problem. Here’s how to do this in Safari:
- Open Safari, then select Safari > Settings from the menu bar.
- Under the General tab, ensure your Homepage is set correctly.
- Select the Privacy tab, then click Manage Website Data.
- Click Remove All, then select Remove Now to confirm.
Here’s how to reset your browser settings in Google Chrome:
- Open Chrome, then click Chrome > Settings in the menu bar.
- Select Reset settings in the sidebar, then click Restore settings to their original defaults.
- Click the Reset settings button to confirm.
You can also reset your browser to default settings in Microsoft Edge, Firefox, Opera, and others on Mac. The process is similar to that for Safari and Chrome, but not exactly the same, so we recommend looking for official documentation for your browser of choice if the reset option isn’t clear in the preferences menu.
2. Use Force Quit for your browser
If the FBI warning prevents you from using or exiting your browser, you can use the Force Quit feature in macOS to kill it. This stops the iframe loop that causes the bogus message to lock up your browser and allows you to reopen it and use it normally again. Try this:
- Click the Apple logo in the menu bar, then select Force Quit.
- Select Safari or whichever browser you’re using, then click the Force Quit button.
- Click Force Quit again to confirm.
3. Turn off JavaScript in your browser
Disabling JavaScript is another way to stop the iframe loop that allows the FBI virus to lock up your browser. Here’s how to turn off JavaScript in Safari:
- Open Safari, then select Safari > Settings from the menu bar.
- Click the Security tab.
- Uncheck the box alongside Enable JavaScript to disable it.
Here’s how to turn off JavaScript in Google Chrome:
- Open Chrome, then select Chrome > Settings from the menu bar.
- Click Privacy and security in the sidebar, then select Site settings.
- Select JavaScript, then click Don’t allow sites to use JavaScript.
4. Use antivirus software to delete the FBI virus from your Mac
The most effective way to deal with the FBI virus and other cybersecurity attacks is to remove them with antivirus software. MacKeepe’sr Antivirus can find and remove all threats on your machine, no matter where they’re hiding, and stop new infections as soon as they surface. Here’s how to set up and use it:
- Download and install MacKeeper on your Mac.
- When MacKeeper opens, select Antivirus in the sidebar.
- Click the Start Scan button to find the FBI virus and other hidden threats.
- If any issues are found, click the Delete button to remove them from your Mac.
Note from our team: Once MacKeeper’s Antivirus is active, its real-time protection keeps an eye on your computer and blocks any new viruses or malware as soon as they appear. It also checks any files you download to ensure they’re safe before you use them.
Conclusion
The FBI virus can be incredibly frustrating to any Mac user who happens to stumble across it. It often prevents you from properly using your web browser or your entire computer. It claims to encrypt your files so that they can’t be accessed until you pay a fee for alleged illegal activity, but in many cases, it can be avoided and removed using the simple solutions outlined above.
If FBI ransomware is installed on your Mac, you can remove it and other malware with MacKeeper’s Antivirus. It performs a complete system scan to uncover all existing issues, then helps you stop and delete them in just a few clicks.
