Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Mac-specific Trojan discovered, injects ads into webpages
Tweaktown ^ | Posted: 3 hours, 39 mins ago | Charles Gantt

Posted on 03/21/2013 1:18:06 PM PDT by Ernest_at_the_Beach

A new virus specific to Mac has been discovered by Russian security firm Doctor Web. Named Trojan.Yontoo.1, the virus injects ads into webpages on the infected machine.

 

mac_specific_trojan_discovered_injects_ads_into_webpages

 

The malware works by installing an adware plugin into any of the popular browsers then overlays an advertisement in key locations on webpages. Doctor Web says that this trojan is just another piece of a large adware puzzle that has been infecting OS X for some time now.

 

mac_specific_trojan_discovered_injects_ads_into_webpages

 

The virus can be caught in several different ways, with the most popular method being the use of movie trailer pages in which users must install a plugin to view the content. Other methods of injection have been media player enhancement programs and download accelerators. One indication of infection is that when launched, Trojan.Yontoo.1 will prompt users to install a program called "Free Twit Tube" or something similar.

 

No information has been released from Apple on a removal tool yet, and it is expected that Apple will just patch its XProtect.plist which already blocks about 15 previous malware attacks. The best thing is to avoid any installs from unknown websites or anything that has a funny name. Remember, Google is your friend and if you are unsure of an application's validity, a five second search could prevent an infection. Be smart.

SOURCE #1


TOPICS: Computers/Internet
KEYWORDS: applemacs; malware

1 posted on 03/21/2013 1:18:06 PM PDT by Ernest_at_the_Beach
[ Post Reply | Private Reply | View Replies]

To: ShadowAce; SunkenCiv

fyi


2 posted on 03/21/2013 1:19:32 PM PDT by Ernest_at_the_Beach ((The Global Warming Hoax was a Criminal Act....where is Al Gore?))
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach
Remember, Google is your friend ...

Great post except for the above, which means "all your keystroke are belong to us." It's good to use a search proxy like Startpage.

Thanks again for the helpful Mac info.

3 posted on 03/21/2013 1:22:29 PM PDT by Albion Wilde (Liberalism: knowing you're better than everyone else because of your humility. -- Daniel Greenfield)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach

bumpage4later


4 posted on 03/21/2013 1:23:54 PM PDT by CGASMIA68
[ Post Reply | Private Reply | To 1 | View Replies]

To: Albion Wilde
Not sure why this is Apple specific.

Sounds like it would work with Windows or Linux....if someone hacker did the work ....

5 posted on 03/21/2013 1:26:22 PM PDT by Ernest_at_the_Beach ((The Global Warming Hoax was a Criminal Act....where is Al Gore?))
[ Post Reply | Private Reply | To 3 | View Replies]

To: Ernest_at_the_Beach

Impossible. Macs don’t get viruses.

/s


6 posted on 03/21/2013 1:27:34 PM PDT by Responsibility2nd (NO LIBS. This Means Liberals and (L)libertarians! Same Thing. NO LIBS!!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

MAC bump


7 posted on 03/21/2013 1:29:48 PM PDT by Pontiac (The welfare state must fail because it is contrary to human nature and diminishes the human spirit.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Responsibility2nd
Impossible. Macs don’t get viruses.

That's why Norton, Mcafee, Webroot, etc,etc,etc. sell Anti-Virus utilities for Mac.

8 posted on 03/21/2013 1:31:35 PM PDT by unixfox (Abolish Slavery, Repeal The 16th Amendment!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Responsibility2nd
"...Impossible. Macs don’t get viruses..."

Heh, I usually hear that from people who don't know anything about computers, or who don't know anythings about Macs.

People who DO know anything about computers don't say that.

9 posted on 03/21/2013 1:33:09 PM PDT by rlmorel (1793 French Jacobins and 2012 American Liberals have a lot in common.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Responsibility2nd

Technically this is not a virus it is a Trojan.


10 posted on 03/21/2013 1:34:00 PM PDT by Pontiac (The welfare state must fail because it is contrary to human nature and diminishes the human spirit.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Ernest_at_the_Beach

It appears that the user has to help out by approving and downloading something to get infected.

Human engineering.


11 posted on 03/21/2013 1:35:09 PM PDT by rlmorel (1793 French Jacobins and 2012 American Liberals have a lot in common.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Albion Wilde

The only search engine I use is called GoodSearch.com

I’ve been using it for years, now, and I find it is excellent!

The other good thing about GoodSearch is that when you first use it, it asks you to name a charity that you support. After you do that, it throws a few pennies to that charity every time you use it.

I listed my “charity” as Second Amendment Sisters in this way. We are a non-profit organization.

You don’t make a lot of money—but we have gotten a couple of checks for around $100.


12 posted on 03/21/2013 1:38:09 PM PDT by basil (basil, 2ASisters.org)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Ernest_at_the_Beach

In other words, they trick you into typing in the root password.

If you’re willing to type in the root password for anything that asks for it, you’re not much of a Unix Sysadmin.


13 posted on 03/21/2013 1:51:15 PM PDT by proxy_user
[ Post Reply | Private Reply | To 1 | View Replies]

To: unixfox
That's why Norton, Mcafee, Webroot, etc,etc,etc. sell Anti-Virus utilities for Mac.

And I am sure they are all HUGH sellers, too.

14 posted on 03/21/2013 2:01:50 PM PDT by John Valentine (Deep in the Heart of Texas)
[ Post Reply | Private Reply | To 8 | View Replies]

To: proxy_user
In other words, they trick you into typing in the root password.

If you’re willing to type in the root password for anything that asks for it, you’re not much of a Unix Sysadmin.

Oh. Thank you for explaining it in terms I could comprehend, proxy_user. It suddenly makes sense!

15 posted on 03/21/2013 2:03:49 PM PDT by Standing Wolf
[ Post Reply | Private Reply | To 13 | View Replies]

To: Ernest_at_the_Beach
...the most popular method being the use of movie trailer pages in which users must install a plugin to view the content.

Any computer user stupid enough to fall for this ploy ALMOST deserves what they get. I say ALMOST, because nobody, no matter how stupid, deserves to have their computer messed with by a remote A-hole.

16 posted on 03/21/2013 2:04:51 PM PDT by John Valentine (Deep in the Heart of Texas)
[ Post Reply | Private Reply | To 1 | View Replies]

To: null and void

ping. look at the search engine recommendation


17 posted on 03/21/2013 2:23:32 PM PDT by Shimmer1 (No matter how cynical I get, I just can't keep up.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: rlmorel
This one was more serious...looks like they went after Unix-Linux servers:

South Korean Banks, Media Companies Targeted by Destructive Malware

18 posted on 03/21/2013 2:34:54 PM PDT by Ernest_at_the_Beach ((The Global Warming Hoax was a Criminal Act....where is Al Gore?))
[ Post Reply | Private Reply | To 11 | View Replies]

To: basil

It is sponsored by Yahoo, right?

It is nice to support charity, but I prefer DuckDuckGo, which doesn’t track you, at least so far.


19 posted on 03/21/2013 3:13:20 PM PDT by jacquej
[ Post Reply | Private Reply | To 12 | View Replies]

To: Responsibility2nd; Swordmaker

Been using Macs since 1982, and never had a virus/trojan/malware problem yet.

And I am on the ‘net constantly. Just anecdotal, I know. Will wait for Swordmaker to post.


20 posted on 03/21/2013 3:15:37 PM PDT by jacquej
[ Post Reply | Private Reply | To 6 | View Replies]

To: basil

Not that I know of. I know that they don’t sell your information.


21 posted on 03/21/2013 3:45:20 PM PDT by basil (basil, 2ASisters.org)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Ernest_at_the_Beach; Swordmaker

Thanks Ernest.
The malware works by installing an adware plugin into any of the popular browsers then overlays an advertisement in key locations on webpages. Doctor Web says that this trojan is just another piece of a large adware puzzle that has been infecting OS X for some time now.
Doctor Web's selling something, IOW. Might I suggest the product name "Turnip Truck"? I want off of it already. ;')


22 posted on 03/21/2013 5:02:38 PM PDT by SunkenCiv (Romney would have been worse, if you're a dumb ass.)
[ Post Reply | Private Reply | View Replies]

To: jacquej

Same here. There is no doubt OSX was far better than XP in terms of security in various aspects, and it is indeed true that there is a little bit of security by obscurity going on (most dipstick hackers who put vile stuff out are windows users) but by and large, I have never had to re-image my mac because of a virus or some other form of malware, or even had to spend any time remediating that kind of thing at all.

I have been using Macs since 1986 and PC’s since the early 90’s as an IT professional, and the vast majority of issues I have had to deal with since the Internet really took off are viruses and malware on PC’s.

Issues with Macs have often been user induced, configuration or hardware issues. PC’s have those as well, but far more issues are caused by viruses or malware in my experience.

My brother ran his own business for 10 years doing computer support, and I often worked nights with him just so we could spend time together, and I took the opportunity to learn from him. I would say 75% of the work he did was cleaning PC’s of viruses and such.

I found over the years that using antivirus software on a Mac is far more deleterious than any viruses that might infect it.

But as anyone who is a professional knows, ya gotta keep stuff backed up, and ya gotta use common sense. If something you didn’t ask for pops up and asks for permission to install something, if you didn’t specifically initiate it...you say...No.

There is not a system made that I know of that cannot be broken or cracked in some way, because people are persistent and knowledgeable. Granted, it make take a huge amount of time, money and subterfuge to break into some systems, but the simple fact that HUMANS have to have a way to interact with them opens them up to attack.


23 posted on 03/21/2013 5:29:22 PM PDT by rlmorel (1793 French Jacobins and 2012 American Liberals have a lot in common.)
[ Post Reply | Private Reply | To 20 | View Replies]

To: SunkenCiv
"...A new virus specific to Mac has been discovered by Russian security firm..."

Heheheh...could be me, but THAT would be the first thing that makes me suspicious!

How Not to Get Mugged

24 posted on 03/21/2013 5:33:30 PM PDT by rlmorel (1793 French Jacobins and 2012 American Liberals have a lot in common.)
[ Post Reply | Private Reply | To 22 | View Replies]

To: rlmorel

At high risk of sounding way too “biblical”, which I am sure will offend some in the ‘puter community, one of the “blessings” of a closed system like the Mac OS, so far.

If you stick to the straight and narrow road, and do not stray from it, you will never have any problems.

That surely is a fun spoiler for many, but for those of us who depend on our computers to make a living, and can’t afford IT expenses, it has kept us safe, secure, and profitable.

Don’t do naughty things with your Macs, and you won’t have any troubles, friends.

Just saying...


25 posted on 03/21/2013 8:45:30 PM PDT by jacquej
[ Post Reply | Private Reply | To 23 | View Replies]

To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...
Another variant TROJAN for Mac OSX according to Dr. Web (a very unreliable source for such reports), its another JAVA based Trojan that YOU have to install yourself. —PING!


Apple Security Ping!

If you want on or off the Mac Ping List, Freepmail me.

26 posted on 03/21/2013 11:32:43 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Responsibility2nd
Impossible. Macs don't get viruses. /s

They don't. This isn't a virus. It's an application the user installs himself that does something more than what is described in the literature for the app. It may do something malicious or innocuous, but it carries a payload the person installing it did not intend or want. A virus is never wanted nor is it installed by the user's intent. . . It invades.

27 posted on 03/21/2013 11:39:56 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 6 | View Replies]

To: rlmorel
People who DO know anything about computers don't say that.

. PLEASE. name a successful real computer virus, that is not a Trojan Application, that was EVER in the wild for Mac OSX. I DO know quite a bit about computers. . . especially Macs. Keep in mind the actual definition of computer viruses. Also, keep in mind that I am completely familiar with EVERY OSX "virus" candidate that has been suggested or put forward in the past fifteen years since OSX Server was introduced and why all failed to make the grade as a successful virus that could infect a Mac.

It took over nine years for a successful Trojan to be written. And it was an easily avoided Trojan at that, as are all of them for Mac OSX, as is this one.

28 posted on 03/21/2013 11:54:53 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 9 | View Replies]

To: unixfox
That's why Norton, Mcafee, Webroot, etc,etc,etc. sell Anti-Virus utilities for Mac.

Over ten years of running multiple Macs, up to fifty in one network alone, NONE has had any third-party anti-virus installed. . . and none has ever been compromised! So, that's a very good question. Most people who run Mac AV software—about 2% of Mac OSX users—do it to scrub WINDOWS malware from incoming files before sending them on to their Windows impaired friends. The statistics of even those companies show that 98.7% of the malware intercepted by their Mac AV apps was Windows Malware. . . and the balance was Mac OSX Trojans that could ONLY be found by TURNING OFF the built in protection in OSX so the third-party anti-virus COULD intercept what was already being blocked by the OS. . . and ALL of them disable the Apple supplied, very effective, anti-Trojan system so they can intercept the known Mac malware.

Note that NONE, including Apple's, will intercept a new Trojan in a new family.

29 posted on 03/22/2013 12:13:32 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Ernest_at_the_Beach

Not just Mac, Yontoo infected my windows machine..


30 posted on 03/22/2013 2:59:19 AM PDT by cardinal4 (Constitution? What Constitution?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker
98.7% of the malware intercepted by their Mac AV apps was Windows Malware. . .
Is Win 7 enough better than XT that Windows viruses are declining?
Steve Jobs did a brilliant job of carrying Mac users and developers over to Unix, which was always his intent even before he was ousted from Apple. It seems to me that the public would have been best served if Microsoft had done the same thing - but that it wouldn’t have been the best thing for Microsoft itself, which would then have been in the position of having to compete with OS X on a level playing field.
Nassim Nicholas Taleb, author of

The Black Swan:
The Impact of the Highly Improbable
 by Nassim Nicholas Taleb
is a very interesting writer, and one whose work is highly opinionated and very anti-socialist (and also highly critical of economists and journalists). And of factory education.
Taleb also is highly complimentary of Steve Jobs’ rejection of conventional market research in favor of the proposition that “people don’t know what they want until I give it to them.” It would not at all surprise me to learn that you enjoyed reading Taleb. He is challenging reading, tho . . . I’d love to see a commentary by Sowell on Taleb!

31 posted on 03/22/2013 5:50:38 AM PDT by conservatism_IS_compassion (“Liberalism” is a conspiracy against the public by wire-service journalism.)
[ Post Reply | Private Reply | To 29 | View Replies]

To: Swordmaker

You will notice the way I framed it: It CAN be done. There is no completely secure system out there.

Mac OSX is in no way completely immune, and that is 100% true. And I say this both as a person who has never personally owned a PC in the computer age (I have only owned Macs) but also as an IT professional.

This is because, in practical terms, the risk is small enough that for me, as an IT professional (and many I know) I do not use antivirus software on Macs. When one makes it “into the wild” and causes actual I will reconsider my stance on antivirus software.

The rule of thumb is that if you can conceive something happening, there is a likelihood that it WILL happen someday. My way to be safe it is making sure I have staggered backups in duplicate.


32 posted on 03/22/2013 9:20:45 AM PDT by rlmorel (1793 French Jacobins and 2012 American Liberals have a lot in common.)
[ Post Reply | Private Reply | To 28 | View Replies]

To: conservatism_IS_compassion

Thanks for posting that, CIC. I am always up for reading someone who flatly rejects socialism...:)


33 posted on 03/22/2013 9:24:23 AM PDT by rlmorel (1793 French Jacobins and 2012 American Liberals have a lot in common.)
[ Post Reply | Private Reply | To 31 | View Replies]

To: rlmorel

Oh, I agree wholeheartedly. Viruses are not the only threat that is out there and hardware failure is far more likely to destroy your data on a Mac than any theoretical computer virus that has yet to be seen on OSX. I, like you, have redundant backups of my backups, in off-site locations. I’m not going to put my business at risk to wishful thinking.

I did know what you were saying. . . But some claims of peril are so many sigmas on the far end of the bell curve that economically you don’t waste time or money on them. We have seen the sky is falling from the Windows crowd about Mac’s being just as vulnerable to computer viruses so many times that it gets ridiculous. It’s mere wishful thinking on their part.


34 posted on 03/22/2013 3:31:33 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 32 | View Replies]

To: basil
The only search engine I use is called GoodSearch.com... it asks you to name a charity that you support. After you do that, it throws a few pennies to that charity every time you use it. I listed my “charity” as Second Amendment Sisters ...

Excellent recommendation, Basil. Long time no see -- how the heck are you? Best FReegards for the Easter holiday.

35 posted on 03/22/2013 5:39:07 PM PDT by Albion Wilde (Liberalism: knowing you're better than everyone else because of your humility. -- Daniel Greenfield)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Swordmaker

Oh, no. Don’t misunderstand me...I did not say they were just as vulnerable, because they aren’t.

But they aren’t invulnerable either. I don’t think you and I are that far apart.

I like the fact that you are an advocate for the platform, always have been. It is a good one...:)


36 posted on 03/22/2013 8:10:18 PM PDT by rlmorel (1793 French Jacobins and 2012 American Liberals have a lot in common.)
[ Post Reply | Private Reply | To 34 | View Replies]

To: jacquej
It is nice to support charity, but I prefer DuckDuckGo, which doesn’t track you, at least so far.

Neither does Startpage.

37 posted on 03/23/2013 1:50:44 PM PDT by Albion Wilde (Liberalism: knowing you're better than everyone else because of your humility. -- Daniel Greenfield)
[ Post Reply | Private Reply | To 19 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson