'Malware Detected, Action Required' Pop-Ups

The 'Malware Detected, Action Required' pop-ups are an online tactic that is being proliferated by multiple dubious websites. Like most schemes of this type, the end goal is to trick the user into downloading and installing a suspicious application by showing fake virus alerts. Users should always keep in mind that no website can perform scans for threats on its own and messages claiming to have found malware should be disregarded immediately. 

While the tactic is geared towards iPhone users mostly, it could as easily be encountered on other Apple devices equally as well. Infosec researchers have observed that two versions of this scheme are live concurrently. The present fake alerts are nearly identical with the biggest difference being the promoted application. 

When users land on a page carrying out the 'Malware Detected, Action Required' pop-ups tactic, they will be presented with a message stating that malware threats have been found on their devices. Apparently, these actually non-existent threats have already managed to cause great damage to the device but if left unattended they will lead to the battery overheating, the SIM card being damaged, and all photos and contacts on the device being lost. 

Here, one of the variants shows a 'REPAIR THIS DEVICE' button and urges users to click on it immediately to clean their device from the fake threats. The other version, instead, shows a 'Continue' button that will supposedly lead to a trial version of an anti-malware product that will protect the user's iPhone. While applications delivered via such tactics are almost always barely functional PUPs, on some rare occasions, they may turn out to be legitimate. However, even if that is the case, users should still get them from a reputable source and not a random website they encountered while browsing.