Is this for real?  I think not, but does this mean I got hacked? What do I do? I have it on my screen right now. I got this on my iPhone when I clicked into a website:

[GOOGLE logo on top] thursday 11, 2017

(2) virus have been detected on your apple iPhone 5

We have detected that your Apple iPhone 5 has been infected with viruses. It will soon corrupt your sim card, data, photos, and contacts if no action is taken.

4 minutes and 58 seconds

How to remove virus:

Step 1: Tap the button below & go to App Store to install the recommended virus removal app for free

Step 2: Run the app to remove all viruses

Typically warnings use proper English.  This is near certainly phishing

That's what I figured. So here are my questions:

1) Does this mean I've been hacked?

2) What do I do? I still have it on screen. Just shut down my phone right from there?

I just shut down my phone, restarted it, and searched for iOS updates.

http://www.justanswer.com/emai...

Go into Settings then Safari then Clear History and Website Data then Clear History and Data

Hold down the Power button and Home buttons together until you see the Apple icon then release the buttons.

Sounds like it was from a site you visited.

Most of the time (especially on an iPhone) these things are just web pages that look like alerts trying to trick people to do something. They're essentially malicious ads. And malicious in the sense that they're trying to convince you to do something you shouldn't as opposed to actually infecting you with something.

They can make it hard to close the browser, but if you quit out of the app Safari will always give you a few moments where you can close the page before it loads when you reopen Safari.

(Or you can do the steps above, I've never seen a situation where I actually had to do that though.)

Thanks. I closed down the phone, installed an iOS update, then followed Jamie's instructions.

Today, the NHS in the UK was brought down by ransomware. It's not clear what they will do.

NHS cyber-attack: GPs and hospitals hit by ransomware

This has the potential to be cataclysmic terrorism or just a(nother) chaos bomb thrown by the Kremlin.  Take your pick.

At a cyber security lecture I attended yesterday, the speaker recommended regularly backing up data to an external hard drive that was not kept attached to the computer when back up was not taking place and/or to the cloud.  This way, data would be recoverable in the event of a ransom ware attack.

This is very inconvenient and as a result will make most people vulnerable.

I see a market niche for a backup program which will enable the backup device for the duration of the backup, then disable it.

Why isn't this a standard?

on a side note: I started typing in the phrase "how do I protect myself..."

And google gave me "how do I protect myself from ransomware" as my second choice.

This is just about as frightening as ransomware.

joan_crystal said:

At a cyber security lecture I attended yesterday, the speaker recommended regularly backing up data to an external hard drive that was not kept attached to the computer when back up was not taking place and/or to the cloud.  This way, data would be recoverable in the event of a ransom ware attack.

Pretty sure mine was ransomware. When I googled the language, several sites said it was ransomware. I have the Apple device that automatically backs me up wirelessly. Time Machine?

big news today...

https://www.nytimes.com/2017/0...

This one is big, because it can spread without any user interaction once it's on a company network. Working in the industry this completely ruined my Saturday.

@drummerboy, if legit software can enable and disable an attached device, so can malware. There is no software that can replace a physical difference or distance.

yeah, I realized that after I wrote the post, but I imagine you could build OS or even hardware level support that would be difficult to break.

I think.

Maybe not.

Tom_Reingold said:

@drummerboy, if legit software can enable and disable an attached device, so can malware. There is no software that can replace a physical difference or distance.

But, you know - thinking as a hacker for 30 seconds - even if you depend on unplugging the backup device, it wouldn't be too hard to include a little database of popular backup software that the malware could check to see if it's installed, and then go searching for the schedule so that the malware itself will only run when the backup software is running and the device is available.

drummerboy said:

yeah, I realized that after I wrote the post, but I imagine you could build OS or even hardware level support that would be difficult to break.


I think.


Maybe not.

No. If the device is connected, it's connected. An OS is software just as malware is. If an OS can say make the device available, so can the malware.

Your point about malware tampering with cloud backups seems plausible. I wonder if it will come to that. Is it worth it for the bad guy?

I stress this often: you have to have fire drills, i.e. practice sessions to make sure you can restore your data. A warm fuzzy feeling from doing backups is not enough. Besides, the drills are good practice for when you eventually need to restore, since it's a panicky moment.

This discussion is now above my pay grade.

TLDR: keep your devices and systems up to date. Do regular backups to media that are not attached. Make sure your backups work.