Ignore the Your iPhone was hacked after visiting an Adult website scam
Written by Tomas Meskauskas on (updated)
What is "Your iPhone was hacked after visiting an Adult website"?
There are various ways to trick users into downloading and installing potentially unwanted applications (PUAs). One of them is design websites to display a fake virus notification (or multiple notifications) claiming that a device is infected with a virus (or a number of viruses) and encouraging to remove it with a certain PUA.
It is important to mention that users do not visit websites showing fake virus, error notifications intentionally. In most cases, these pages get opened after clicking on some dubious ads, visiting other pages of this kind. Also, they can be opened by some PUA that is already installed on the operating system or a browser.
"Your iPhone was hacked after visiting an Adult website" scam overview
This page shows a fake iOS system notification claiming that visitor's iPhone has been hacked and infected with 78 viruses after visiting an adult website. That fake message also claims that those viruses are not deleted in two minutes, then they will delete all contacts, photos and damage the SIM card.
In order to download the app that is supposed to remove detected viruses, the fake notification encourages a visitor to tap the "Remove all Viruses" button. It is noteworthy that deceptive pages that display bogus virus, error, or other warnings can be used to advertise legitimate applications available for download on the App Store.
However, it is never recommended to trust pages that show fake notifications to trick visitors into downloading and installing apps. Even if the apps promoted through them are legitimate.
These pages can be used to promote malicious applications, adware, and other unwanted software. As mentioned in the previous paragraph, users do not visit such pages by themselves.
It is common for deceptive websites to be promoted through apps (PUAs) that most users download and install on their devices unknowingly. It is worthwhile to mention that apps of this kind are likely to be designed to generate advertisements and (or) gather various data.
They can display coupons, banners, surveys, pop-up ads, or other advertisements to promote untrustworthy pages. Sometimes such ads are designed to cause unwanted downloads, installations by running certain scripts.
Examples of details that PUAs collect are geolocations, URLs of visited websites, entered search queries, IP addresses. There are PUAs on the Internet that can access sensitive information.
Usually, PUAs gather information for their developers so they could use it for marketing purposes, sell it to third parties (potentially cybercriminals) or monetize it in other ways.
It is recommended not to have any PUAs installed on a browser or the operating system. They could be the reason behind issues related to online privacy, web browsing safety, or other problems.
Name | Your iPhone was hacked after visiting an Adult website pop-up |
Threat Type | Phishing, Scam, Mac malware, Mac virus |
Fake Claim | iPhone is hacked and infected with 78 viruses |
Related Domain | yourmaximumsafety[.]com, riovacvpn[.]com |
Serving IP Address | 37.140.192.209 |
Promoted Unwanted Application | SecureOneSafe |
Symptoms | Your Mac becomes slower than normal, you see unwanted pop-up ads, you are redirected to dubious websites. |
Distribution methods | Deceptive pop-up ads, free software installers (bundling), fake Flash Player installers, torrent file downloads. |
Damage | Internet browser tracking (potential privacy issues), display of unwanted ads, redirects to dubious websites, loss of private information. |
Malware Removal (Mac) | To eliminate possible malware infections, scan your Mac with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. |
Similar scam examples
More examples of deceptive websites using scare tactics to trick visitors into downloading and installing a potentially unwanted application are "Your Apple iPhone May Be Severely Damaged By Viruses!", "Your System Is Infected With 3 Viruses", and "Device Infected After Visiting An Adult Website".
It is important to remember that these notifications do not come from a legitimate Apple website. Most of the websites that display fake virus warnings are designed to look like Apple pages, however, they are not related to any of the official company's pages.
How did potentially unwanted applications install on my computer?
It is common that users download and install various potentially unwanted applications through downloaders, installers for other software - when those applications are included in those downloaders or installers as additional offers. Usually, included potentially unwanted apps are mentioned can be declined (opted out) via "Custom", "Advanced", "Manual", or other settings, or by unticking some checkboxes.
Although, not all users check and change the settings mentioned above. By leaving those settings unchanged (or checkboxes ticked) users allow for potentially unwanted apps to be downloaded or installed together with software that is bundled with them.
In some cases, users cause unwanted downloads or installations via deceptive advertisements - by clicking on ads designed to run certain scripts. It is worthwhile to mention that those ads appear mainly on questionable, potentially malicious pages.
How to avoid installation of potentially unwanted applications?
Applications, files should be downloaded only from legitimate, official pages. Downloads from unofficial pages, third-party downloaders, Peer-to-Peer networks like torrent clients, eMule, etc., can be malicious.
Third-party, unofficial installers can be malicious too. Therefore, they should not be used.
Furthermore, downloaders and installers that have settings like "Custom", "Advanced" (or checkboxes) should be checked for unwanted offers. Quite often, those settings can be used to opt out bundled potentially unwanted applications.
Advertisements that appear on untrustworthy websites (e.g., on pages related to pornography, gambling, adult dating) cannot be trusted. It is common that those ads are used to promote various untrustworthy, potentially malicious websites or distribute PUAs by designing them to start unwanted download, installation processes.
Unwanted, suspicious apps (extensions, plug-ins or add-ons) installed on a web browser and programs of this kind installed on the operating system should be removed. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for macOS to automatically eliminate them.
Text in this scam page:
78 viruses were found
Your iPhone was hacked after visiting an Adult website and 78 viruses were found! If this problem is not resolved within two minutes, the viruses will delete all your contacts and photos, and the SIM card will be damaged!
1 minute 43 seconds
How to remove all viruses:
Step 1: Click the "Remove all Viruses" button below;
Step 2: You will be redirected to the AppStore;
Step 3: Install the SecureOneSafe app, open it and run the cleaning procedure
Remove all Viruses
To enable pop-up blocking, fraudulent website warnings, and remove web browsing data in mobile Apple devices, follow these steps:
First, go to "Settings", and then scroll down to find and tap "Safari".
Check if the "Block Pop-ups" and "Fraudulent Website Warning" toggles are enabled. If not, enable them immediately. Then, scroll down and tap "Advanced".
Tap "Website Data" and then "Remove All Website Data".
Instant automatic Mac malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of Mac malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner for Mac
By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.
Quick menu:
- What is "Your iPhone was hacked after visiting an Adult website"?
- STEP 1. Remove PUA related files and folders from OSX.
- STEP 2. Remove rogue extensions from Safari.
- STEP 3. Remove rogue add-ons from Google Chrome.
- STEP 4. Remove potentially unwanted plug-ins from Mozilla Firefox.
Video showing how to remove adware and browser hijackers from a Mac computer:
Potentially unwanted applications removal:
Remove potentially unwanted applications from your "Applications" folder:
Click the Finder icon. In the Finder window, select "Applications". In the applications folder, look for "MPlayerX", "NicePlayer", or other suspicious applications and drag them to the Trash. After removing the potentially unwanted application(s) that cause online ads, scan your Mac for any remaining unwanted components.
Remove adware-related files and folders
Click the Finder icon, from the menu bar. Choose Go, and click Go to Folder...
Check for adware generated files in the /Library/LaunchAgents/ folder:
In the Go to Folder... bar, type: /Library/LaunchAgents/
In the "LaunchAgents" folder, look for any recently-added suspicious files and move them to the Trash. Examples of files generated by adware - "installmac.AppRemoval.plist", "myppes.download.plist", "mykotlerino.ltvbit.plist", "kuklorest.update.plist", etc. Adware commonly installs several files with the exact same string.
Check for adware generated files in the ~/Library/Application Support/ folder:
In the Go to Folder... bar, type: ~/Library/Application Support/
In the "Application Support" folder, look for any recently-added suspicious folders. For example, "MplayerX" or "NicePlayer", and move these folders to the Trash.
Check for adware generated files in the ~/Library/LaunchAgents/ folder:
In the Go to Folder... bar, type: ~/Library/LaunchAgents/
In the "LaunchAgents" folder, look for any recently-added suspicious files and move them to the Trash. Examples of files generated by adware - "installmac.AppRemoval.plist", "myppes.download.plist", "mykotlerino.ltvbit.plist", "kuklorest.update.plist", etc. Adware commonly installs several files with the exact same string.
Check for adware generated files in the /Library/LaunchDaemons/ folder:
In the "Go to Folder..." bar, type: /Library/LaunchDaemons/
In the "LaunchDaemons" folder, look for recently-added suspicious files. For example "com.aoudad.net-preferences.plist", "com.myppes.net-preferences.plist", "com.kuklorest.net-preferences.plist", "com.avickUpd.plist", etc., and move them to the Trash.
Scan your Mac with Combo Cleaner:
If you have followed all the steps correctly, your Mac should be clean of infections. To ensure your system is not infected, run a scan with Combo Cleaner Antivirus. Download it HERE. After downloading the file, double click combocleaner.dmg installer. In the opened window, drag and drop the Combo Cleaner icon on top of the Applications icon. Now open your launchpad and click on the Combo Cleaner icon. Wait until Combo Cleaner updates its virus definition database and click the "Start Combo Scan" button.
Combo Cleaner will scan your Mac for malware infections. If the antivirus scan displays "no threats found" - this means that you can continue with the removal guide; otherwise, it's recommended to remove any found infections before continuing.
After removing files and folders generated by the adware, continue to remove rogue extensions from your Internet browsers.
Remove malicious extensions from Internet browsers
Remove malicious Safari extensions:
Open the Safari browser, from the menu bar, select "Safari" and click "Preferences...".
In the preferences window, select "Extensions" and look for any recently-installed suspicious extensions. When located, click the "Uninstall" button next to it/them. Note that you can safely uninstall all extensions from your Safari browser - none are crucial for regular browser operation.
- If you continue to have problems with browser redirects and unwanted advertisements - Reset Safari.
Remove malicious extensions from Google Chrome:
Click the Chrome menu icon (at the top right corner of Google Chrome), select "More Tools" and click "Extensions". Locate all recently-installed suspicious extensions, select these entries and click "Remove".
- If you continue to have problems with browser redirects and unwanted advertisements - Reset Google Chrome.
Remove malicious extensions from Mozilla Firefox:
Click the Firefox menu (at the top right corner of the main window) and select "Add-ons and themes". Click "Extensions", in the opened window locate all recently-installed suspicious extensions, click on the three dots and then click "Remove".
- If you continue to have problems with browser redirects and unwanted advertisements - Reset Mozilla Firefox.
Frequently Asked Questions (FAQ)
What is a pop-up scam?
Pop-up scams are deceptive messages intended to trick users into performing specific actions. For example, victims can be scared/enticed into downloading/installing and/or purchasing software, making monetary transactions, revealing private information, calling fake support lines, and so on.
What is the purpose of a pop-up scam?
Scams are designed to generate revenue for the scammers behind them. Cyber criminals can profit by promoting software, obtaining funds through deception, abusing or selling private data, proliferating malware, etc.
Why do I encounter fake pop-ups?
Pop-up scams are promoted on rogue webpages, which are seldom accessed intentionally. Most users enter them through redirects caused by sites using rogue advertising networks, spam browser notifications, mistyped URLs, intrusive advertisements, or installed adware.
Will Combo Cleaner protect me from pop-up scams?
Combo Cleaner can scan visited websites and detect rogue, deceptive, and malicious ones. Therefore, if you access such a site - you will be warned immediately. Additionally, access to untrustworthy/dangerous websites will be restricted.
▼ Show Discussion