New 'Yontoo' Adware Trojan Targets Major Browsers on OS X

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Mar 21, 2013.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1

    Russian security firm Doctor Web this week highlighted a new trojan (via The Next Web) that affects OS X systems and installs an adware plug-in capable of injecting ads into users' browsing experience.

    As with other trojans, this new Yontoo malware relies on tricking users into installing the package, which in this case masquerades as a movie trailer video plug-in, download accelerator, or other software a user might believe they want or need on their system.
    As an example of Yontoo's capabilities, Doctor Web shows how ads can be injected into apple.com once the plug-in has been unwittingly installed by the user.

    Compared to Windows, OS X has long been a relatively unpopular target for malware authors, but attacks targeting Apple customers have been on the rise. Many of the most highly publicized attacks come via trojans that rely on tricking users into granting installation privileges, while third-party platforms such as Java have also frequently been used to inject code into Mac systems.

    Apple has been increasing its efforts to fight malware, introducing a rudimentary anti-malware functionality in OS X Snow Leopard and an enhanced Gatekeeper system in OS X Mountain Lion. Apple has also increasingly been blocking vulnerable versions of Java until Oracle is able to release patched versions of its plug-ins.

    Article Link: New 'Yontoo' Adware Trojan Targets Major Browsers on OS X
     
  2. macrumors regular

    Joined:
    Dec 5, 2010
    Location:
    Barrie, ON
    #2
    It's times like this that I'm glad that OS X has XProtect.

    Oh yeah. And I'm happy I also wield common sense. :)
     
  3. macrumors 68030

    needfx

    Joined:
    Aug 10, 2010
    Location:
    macrumors apparently
    #3
    some users.

    writing [Press Me] sounds enough to convince them...
     
  4. macrumors 6502a

    Slix

    Joined:
    Mar 24, 2010
    #4
    Want to install Free Twit Tube?

    Seems legit. :rolleyes:
     
  5. macrumors 65816

    furi0usbee

    Joined:
    Jul 11, 2008
    #5
    Security against stupidity does not exist. The most secure computer in the world is only as secure as the guy using it. I don't even like installing stuff from Adobe... and I sure as hell would never install some third-party plugin/app which I know nothing about.
     
  6. macrumors 6502

    Joined:
    Jun 30, 2010
    #6
    Hey, I thought MAC did not get viruses or malicious code attacks?

    I knew that statement was not going to last very long once Apple increased in popularity and user base.. Silly MAC people:D
     
  7. macrumors regular

    litmag01

    Joined:
    Jul 16, 2009
    #7
    Say YES to everything unless it asks to continue.

    In that case, press CONTINUE and enter bank account number, routing number and any pertinent passwords.
     
  8. macrumors 6502a

    DipDog3

    Joined:
    Sep 20, 2002
    #8
    Yea, but would this work under OS X Mountain Lion???

    I can't install stuff off the web without going through hoops already, don't see how a Trojan would install itself...
     
  9. procksa49er, Mar 21, 2013
    Last edited: Mar 21, 2013

    macrumors newbie

    Joined:
    Dec 17, 2009
    #9
    Yes there may be some Malware, but it involves and requires user action even on relatively open machines....

    Windoze can get the Herp just by being connected to the Net... Wanna try again? When a Hacker can program something that just by my Mac being on the internet, it can infect and cause harm... Then I will worry...

    [Edit]
    You can't fix stupid whether you're on a Mac or a Windows machine.. /rantmodeOff

    I am not saying it's impossible but it still hasn't happened.
     
  10. macrumors 6502a

    Joined:
    Jul 17, 2005
    Location:
    Lake George, NY
    #10
    I'm an experienced mac user, and I don't fall for this crap, but somehow I got this on my Macbook Pro two months ago. Easy to disable in extensions, though.
     
  11. macrumors 68020

    Joined:
    Oct 14, 2011
    Location:
    Ohio
    #11
    Did you read the post? It fools users by installing plugin-software, like a media player, that contains the malware and going from there.
     
  12. macrumors regular

    Joined:
    Apr 6, 2010
    Location:
    UK
    #12
    It still relies on the users doing something and I don't think you can blame an OS for that. At the end of the day unless you are going to totally block out Admin / root rights to users who are vulnerable to making this kind of error this problem will remain common. Perhaps some sort of new permissions model is in order although I have no idea what.
     
  13. macrumors 68040

    KdParker

    Joined:
    Oct 1, 2010
    #13
    So this is avoided by simply not installing the plugin? That should be simple enough to do.
     
  14. macrumors 6502a

    Joined:
    Oct 21, 2011
    #14
    Macs were never as secure as PCs but they were unpopular enough that nobody bothered to attempt to exploit them. Now it seems that every other day there's another massive security flaw found in Mac OS X.
     
  15. macrumors 6502

    Joined:
    Jun 5, 2006
    #15
    This is a nice reminder that beyond Java-based attacks, it's extremely difficult to hack OSX :)
     
  16. macrumors regular

    Joined:
    Apr 6, 2010
    Location:
    UK
    #16
    You missed patch Tuesday then?
     
  17. macrumors 68040

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #17
    What security flaw are you referring to with this story?
     
  18. macrumors 6502a

    Joined:
    Jan 3, 2009
    #18
    We need to bring back throwing people to Lions and Tigers and Bears! White Hats, Black Hats, Etc... It would be good solid entertainment to have a YouTube channel dedicated to watching endangered animals eat human beings.

    Before you cry "unfair" there are plenty of places connected to the Internet that don't have laws ... Some don't have laws against hacking and stealing... Others don't have laws against feeding hackers to bears!!!
     
  19. macrumors 68040

    Bubba Satori

    Joined:
    Feb 15, 2008
    Location:
    B'ham
    #19
    Turn everything off and it just works.
    Irony is good for your health.

    http://www.youtube.com/watch?v=GQb_Q8WRL_g
     
  20. macrumors 65816

    Simplicated

    Joined:
    Sep 20, 2008
    Location:
    Waterloo, ON
    #20
    Waiting for the reply that educates people on the differences between trojans, viruses and worms. :D

    Personally, I am thankful that Xprotect is protecting my Mac. But given the growing popularity of the Mac I do believe Apple needs to be even more proactive when it comes to malware prevention.
     
  21. macrumors member

    Joined:
    Apr 5, 2010
    Location:
    Germany / Niedersachsen / Großburgwedel
    #21
    Wow, a user can be tricked to actively install harmful software - a serious flaw in OS X!
     
  22. macrumors 68030

    bbeagle

    Joined:
    Oct 19, 2010
    Location:
    Buffalo, NY
    #22
    This has nothing to do with the secure Mac OS. The OS is secure, but it cannot protect USERS from screwing up.

    Tell me 1 OS that can EVER be secure from someone asking 'May I install this app please?' and allowing the user to click 'Yes'. The issue has always been with Windows where that popup which said 'May I install this app please?' never showed up, and the 'Yes' button was not there - the software just installed itself automatically without the user knowing. THAT is an OS problem.

    Unless you want a completely walled garden where NOTHING is allowed to be installed beyond what the manufacturer installs at build time. I guess that's what you want, Brother Esau? Right?
     
  23. macrumors 6502

    Joined:
    May 6, 2010
    #23
    ...except when Mac fans attempt to describe Android, then all manner of such expectations come into play. ;)
     
  24. macrumors 68040

    Joined:
    Apr 6, 2007
    #24
    Sorry but if users really are that dumb that they click those things then they deserve to get the malware, you can not only see them from a mile away, but generally the only time you'll see something like that is likely if you frequent 'questionable' content.
     
  25. macrumors 6502

    Joined:
    May 6, 2010
    #25
    Drive-by infections have happened on OS X - remember "Flashback"?:
    http://www.bit-tech.net/news/bits/2012/04/05/os-x-drive-by-malware/1
     
