A few days ago, while I was browsing my emails in Hotmail, my Safari browser window suddenly changed to
this scareware attack. And, immediately, a .zip file began downloading, which I canceled.
The list of files in the upper central part of the window was constantly changing, appearing to scroll, and the two numbers in red circles next to "Desktop" and "Applications" kept changing.
When I closed the browser window containing the scareware attack, no other windows were open, so it actually supplanted my Hotmail window, rather than being a second window popping up. For better or worse, I didn't allow the .zip file to fully download, so I can't forward it to anyone for analysis.
Unfortunately, I can't say what, if any, action on my part caused this window to appear. In Hotmail I never click on anything but the arrows that advance me to the next email, or the "Reply", "New message" or "Delete" buttons. Is it possible that a hacker could have gotten past any security measures and planted some code on MSN's Hotmail pages? Or could it have been contained in one of the ads on the page and just responded to my cursor moving over it?
It's interesting to note that this attack is targeted to Macs (note the Mac Finder-like sidebar and the name "Apple security center"). Since I don't have folders labeled "work" or "Dropbox", it was immediately clear that it had nothing to do with my actual system.
Interesting, yes, and a bit scary.
