New 'Yontoo' Adware Trojan Targets Major Browsers on OS X

Discussion in ' News Discussion' started by MacRumors, Mar 21, 2013.

  1. MacRumors macrumors bot


    Apr 12, 2001

    Russian security firm Doctor Web this week highlighted a new trojan (via The Next Web) affecting OS X systems and which installs an adware plug-in capable of injecting ads into users' browsing experience.

    As with other trojans, this new Yontoo malware relies on tricking users into installing the package, which in this case masquerades as a movie trailer video plug-in, download accelerator, or other software a user might believe they want or need on their system.
    As an example of Yontoo's capabilities, Doctor Web shows how ads can be injected into once the plug-in has been unwittingly installed by the user.

    Compared to Windows, OS X has long been a relatively unpopular target for malware authors, but attacks targeting Apple customers have been on the rise. Many of the most highly publicized attacks come via trojans that rely on tricking users into granting installation privileges, while third-party platforms such as Java have also frequently been used to inject code into Mac systems.

    Apple has been increasing its efforts to fight malware, introducing a rudimentary anti-malware functionality in OS X Snow Leopard and an enhanced Gatekeeper system in OS X Mountain Lion. Apple has also increasingly been blocking vulnerable versions of Java until Oracle is able to release patched versions of its plug-ins.

    Article Link: New 'Yontoo' Adware Trojan Targets Major Browsers on OS X
  2. anzio macrumors 6502

    Dec 5, 2010
    Innisfil, Ontario, Canada
    It's times like this that I'm glad that OS X has XProtect.

    Oh yeah. And I'm happy I also wield common sense. :)
  3. needfx macrumors 68040


    Aug 10, 2010
    macrumors apparently
    some users.

    writing [Press Me] sounds enough to convince them...
  4. Slix macrumors 6502a


    Mar 24, 2010
  5. furi0usbee macrumors 68000


    Jul 11, 2008
    Security against stupidity does not exist. The most secure computer in the world is only as secure as the guy using it. I don't even like installing stuff from Adobe... and I sure as hell would never install some third-party plugin/app which I know nothing about.
  6. Brother Esau macrumors 6502

    Jun 30, 2010
    Hey, I thought MAC did not get viruses or malicious code attacks?

    I knew that statement was not going to last very long once Apple increased in popularity and user base.. Silly MAC people:D
  7. litmag01 macrumors regular


    Jul 16, 2009
    Say YES to everything unless it asks to continue.

    In that case, press CONTINUE and enter bank account number, routing number and any pertinant passwords.
  8. DipDog3 macrumors 65816


    Sep 20, 2002
    Yea, but would this work under OS X Mountain Lion???

    I can't install stuff off the web without going through hoops already, don't see how a Trojan would install itself...
  9. procksa49er, Mar 21, 2013
    Last edited: Mar 21, 2013

    procksa49er macrumors newbie


    Dec 17, 2009
    United States
    Yes there may be some Malware, but it involves and requires user action even on relatively open machines....

    Windoze can get the Herp just by being connected to the Net... Wanna try again? When a Hacker can program something that just by my Mac being on the internet, it can infect and cause harm... Then I will worry...

    You can't fix stupid whether you're on a Mac or a Windows machine.. /rantmodeOff

    I am not saying its impossible but it still hasnt happened.
  10. sbrhwkp3 macrumors 6502a


    Jul 17, 2005
    Lake George, NY
    I'm an experienced mac user, and I don't fall for this crap, but somehow I got this on my Macbook Pro two months ago. Easy to disable in extensions, though.
  11. madsci954 macrumors 68030

    Oct 14, 2011
    Did you read the post? It fools user by installing plugin-software, live a media player, that contains the malware and going from there.
  12. vmistery macrumors 6502a

    Apr 6, 2010
    It still relies on the users doing something and I don't think you can blame an OS for that. At the end of the day unless you are going to totally block out Admin / root rights to users who are vulnerable to making this kind of error this problem will remain common. Perhaps some sort of new permissions model is in order although I have no idea what.
  13. KdParker macrumors 601


    Oct 1, 2010
    So this is avoided by simply not installing the plugin? That should be simple enough to do.
  14. Puevlo macrumors 6502a

    Oct 21, 2011
    Macs were never as secure as PCs but they were unpopular enough that nobody bothered to attempt to exploit them. Now it seems that every other day there's another massive security flaw found in Mac OS X.
  15. Virtualball macrumors 6502

    Jun 5, 2006
    This is a nice reminder that beyond Java-based attacks, it's extremely difficult to hack OSX :)
  16. vmistery macrumors 6502a

    Apr 6, 2010
    You missed patch Tuesday then?
  17. BasicGreatGuy Contributor


    Sep 21, 2012
    In the middle of several books.
    What security flaw are you referring to with this story?
  18. mabhatter macrumors 6502a

    Jan 3, 2009
    We need to bring back throwing people to Lions and Tigers and Bears! White Hats, Black Hats, Etc... It would be good solid entertainment to have a YouTube channel dedicated to watching endangered animals eat human beings.

    Before you cry "unfair" there are plenty of places connected to the Internet that don't have laws ... Some don't have laws against hacking and stealing... Others don't have laws against feeding hackers to bears!!!
  19. Bubba Satori Suspended

    Bubba Satori

    Feb 15, 2008
    Turn everything off and it just works.
    Irony is good for your health.
  20. Simplicated macrumors 65816


    Sep 20, 2008
    Waterloo, Ontario, Canada
    Waiting for the reply that educates people on the differences between trojans, viruses and worms. :D

    Personally, I am thankful that Xprotect is protecting my Mac. But given the growing popularity of the Mac I do believe Apple needs to be even more proactive when it comes to malware prevention.
  21. Pechente macrumors member

    Apr 5, 2010
    Germany / Niedersachsen / Großburgwedel
    Wow, a user can be tricked to actively install harmful software - a serious flaw in OS X!
  22. bbeagle macrumors 68040


    Oct 19, 2010
    Buffalo, NY
    This has nothing to do with the secure Mac OS. The OS is secure, but it cannot protect USERS from screwing up.

    Tell me 1 OS that can EVER be secure from someone asking 'May I install this app please?' and allowing the user click 'Yes'. The issue has always been with Windows where that popup which said 'May I install this app please?' never showed up, and the 'Yes' button was not there - the software just installed itself automatically without the user knowing. THAT is an OS problem.

    Unless you want a completely walled garden where NOTHING is allowed to be installed beyond what the manufacturer installs at build time. I guess that's what you want, Brother Esau? Right?
  23. AppleFan1984 macrumors 6502

    May 6, 2010
    ...except when Mac fans attempt to describe Android, then all manner of such expectations come into play. ;)
  24. rmwebs macrumors 68040

    Apr 6, 2007
    Sorry but if users really are that dumb that they click those things then they deserve to get the malware, you can not only see them from a mile away, but generally the only time you'll see something like that is likely if you frequent 'questionable' content.
  25. AppleFan1984 macrumors 6502

    May 6, 2010
    Drive-by infections have happened on OS X - remember "Flashback"?:

Share This Page