Apple recently confirmed that there was a vulnerability that allowed hackers to send infinite loop alert messages on the Safari application. Instead of just affecting the tab that the website was opened it, it affects the entire application making Safari unusable. Alert such as “Your device has been locked” was used to scare users into buying iTunes gift card and paying the ransom. The only problem with this is it didn’t actually lock the iOS or encrypt any files. hence the name scareware. The scammers registered domains and launched the attack from the domains they owned, such as police-pay[.com]. When the user clicks links to those domain, they’ll get a infinite loop alert message.
Well the good thing is Apple recently patched this vulnerability in iOS 10.3. If you don’t want to update, the other option is to clear your Safari’s cache.