Mac-specific Trojan discovered, injects ads into webpages
Posted on 03/21/2013 1:18:06 PM PDT by Ernest_at_the_Beach
A new virus specific to Mac has been discovered by Russian security firm Doctor Web. Named Trojan.Yontoo.1, the virus injects ads into webpages on the infected machine.
The malware works by installing an adware plugin into any of the popular browsers, then overlaying an advertisement in key locations on webpages. Doctor Web says that this trojan is just another piece of a large adware puzzle that has been infecting OS X for some time now.
The virus can be caught in several different ways, with the most popular method being the use of movie trailer pages in which users must install a plugin to view the content. Other methods of injection have been media player enhancement programs and download accelerators. One indication of infection is that when launched, Trojan.Yontoo.1 will prompt users to install a program called "Free Twit Tube" or something similar.
No information has been released from Apple on a removal tool yet, and it is expected that Apple will just patch its XProtect.plist, which already blocks about 15 previous malware attacks. The best thing is to avoid any installs from unknown websites or anything that has a funny name. Remember, Google is your friend, and if you are unsure of an application's validity, a five-second search could prevent an infection. Be smart.
Great post except for the above, which means "all your keystroke are belong to us." It's good to use a search proxy like Startpage.
Thanks again for the helpful Mac info.
Sounds like it would work with Windows or Linux... if some hacker did the work...
Impossible. Macs don’t get viruses.
That's why Norton, McAfee, Webroot, etc., etc., etc. sell Anti-Virus utilities for Mac.
Heh, I usually hear that from people who don't know anything about computers, or who don't know anything about Macs.
People who DO know anything about computers don't say that.
Technically this is not a virus; it is a Trojan.
It appears that the user has to help out by approving and downloading something to get infected.
The only search engine I use is called GoodSearch.com
I’ve been using it for years, now, and I find it is excellent!
The other good thing about GoodSearch is that when you first use it, it asks you to name a charity that you support. After you do that, it throws a few pennies to that charity every time you use it.
I listed my “charity” as Second Amendment Sisters in this way. We are a non-profit organization.
You don’t make a lot of money—but we have gotten a couple of checks for around $100.
In other words, they trick you into typing in the root password.
If you’re willing to type in the root password for anything that asks for it, you’re not much of a Unix Sysadmin.
And I am sure they are all HUGH sellers, too.
In other words, they trick you into typing in the root password.
If you're willing to type in the root password for anything that asks for it, you're not much of a Unix Sysadmin.
Oh. Thank you for explaining it in terms I could comprehend, proxy_user. It suddenly makes sense!
Any computer user stupid enough to fall for this ploy ALMOST deserves what they get. I say ALMOST, because nobody, no matter how stupid, deserves to have their computer messed with by a remote A-hole.
ping. look at the search engine recommendation
It is sponsored by Yahoo, right?
It is nice to support charity, but I prefer DuckDuckGo, which doesn’t track you, at least so far.
Been using Macs since 1982, and never had a virus/trojan/malware problem yet.
And I am on the ‘net constantly. Just anecdotal, I know. Will wait for Swordmaker to post.
Not that I know of. I know that they don’t sell your information.
The malware works by installing an adware plugin into any of the popular browsers then overlays an advertisement in key locations on webpages. Doctor Web says that this trojan is just another piece of a large adware puzzle that has been infecting OS X for some time now.
Doctor Web's selling something, IOW. Might I suggest the product name "Turnip Truck"? I want off of it already. ;')
Same here. There is no doubt OSX was far better than XP in terms of security in various aspects, and it is indeed true that there is a little bit of security by obscurity going on (most dipstick hackers who put vile stuff out are windows users) but by and large, I have never had to re-image my mac because of a virus or some other form of malware, or even had to spend any time remediating that kind of thing at all.
I have been using Macs since 1986 and PC’s since the early 90’s as an IT professional, and the vast majority of issues I have had to deal with since the Internet really took off are viruses and malware on PC’s.
Issues with Macs have often been user induced, configuration or hardware issues. PC’s have those as well, but far more issues are caused by viruses or malware in my experience.
My brother ran his own business for 10 years doing computer support, and I often worked nights with him just so we could spend time together, and I took the opportunity to learn from him. I would say 75% of the work he did was cleaning PC’s of viruses and such.
I found over the years that using antivirus software on a Mac is far more deleterious than any viruses that might infect it.
But as anyone who is a professional knows, ya gotta keep stuff backed up, and ya gotta use common sense. If something you didn’t ask for pops up and asks for permission to install something, if you didn’t specifically initiate it...you say...No.
There is not a system made that I know of that cannot be broken or cracked in some way, because people are persistent and knowledgeable. Granted, it may take a huge amount of time, money and subterfuge to break into some systems, but the simple fact that HUMANS have to have a way to interact with them opens them up to attack.
Heheheh...could be me, but THAT would be the first thing that makes me suspicious!
At high risk of sounding way too “biblical”, which I am sure will offend some in the ‘puter community, one of the “blessings” of a closed system like the Mac OS, so far.
If you stick to the straight and narrow road, and do not stray from it, you will never have any problems.
That surely is a fun spoiler for many, but for those of us who depend on our computers to make a living, and can’t afford IT expenses, it has kept us safe, secure, and profitable.
Don’t do naughty things with your Macs, and you won’t have any troubles, friends.
If you want on or off the Mac Ping List, Freepmail me.
They don't. This isn't a virus. It's an application the user installs himself that does something more than what is described in the literature for the app. It may do something malicious or innocuous, but it carries a payload the person installing it did not intend or want. A virus is never wanted nor is it installed by the user's intent. . . It invades.
PLEASE. name a successful real computer virus, that is not a Trojan Application, that was EVER in the wild for Mac OSX. I DO know quite a bit about computers. . . especially Macs. Keep in mind the actual definition of computer viruses. Also, keep in mind that I am completely familiar with EVERY OSX "virus" candidate that has been suggested or put forward in the past fifteen years since OSX Server was introduced and why all failed to make the grade as a successful virus that could infect a Mac.
It took over nine years for a successful Trojan to be written. And it was an easily avoided Trojan at that, as are all of them for Mac OSX, as is this one.
Over ten years of running multiple Macs, up to fifty in one network alone, NONE has had any third-party anti-virus installed. . . and none has ever been compromised! So, that's a very good question. Most people who run Mac AV software, about 2% of Mac OSX users, do it to scrub WINDOWS malware from incoming files before sending them on to their Windows impaired friends. The statistics of even those companies show that 98.7% of the malware intercepted by their Mac AV apps was Windows Malware. . . and the balance was Mac OSX Trojans that could ONLY be found by TURNING OFF the built in protection in OSX so the third-party anti-virus COULD intercept what was already being blocked by the OS. . . and ALL of them disable the Apple supplied, very effective, anti-Trojan system so they can intercept the known Mac malware.
Note that NONE, including Apple's, will intercept a new Trojan in a new family.
Not just Mac, Yontoo infected my windows machine..
98.7% of the malware intercepted by their Mac AV apps was Windows Malware. . .
Is Win 7 enough better than XT that Windows viruses are declining?
Steve Jobs did a brilliant job of carrying Mac users and developers over to Unix, which was always his intent even before he was ousted from Apple. It seems to me that the public would have been best served if Microsoft had done the same thing - but that it wouldn't have been the best thing for Microsoft itself, which would then have been in the position of having to compete with OS X on a level playing field.
Nassim Nicholas Taleb, author ofis a very interesting writer, and one whose work is highly opinionated and very anti-socialist (and also highly critical of economists and journalists). And of factory education.
Taleb also is highly complimentary of Steve Jobs' rejection of conventional market research in favor of the proposition that people don't know what they want until I give it to them. It would not at all surprise me to learn that you enjoyed reading Taleb. He is challenging reading, tho . . . I'd love to see a commentary by Sowell on Taleb!
You will notice the way I framed it: It CAN be done. There is no completely secure system out there.
Mac OSX is in no way completely immune, and that is 100% true. And I say this both as a person who has never personally owned a PC in the computer age (I have only owned Macs) but also as an IT professional.
This is because, in practical terms, the risk is small enough that for me, as an IT professional (and many I know) I do not use antivirus software on Macs. When one makes it “into the wild” and causes actual I will reconsider my stance on antivirus software.
The rule of thumb is that if you can conceive something happening, there is a likelihood that it WILL happen someday. My way to be safe is making sure I have staggered backups in duplicate.
Thanks for posting that, CIC. I am always up for reading someone who flatly rejects socialism...:)
Oh, I agree wholeheartedly. Viruses are not the only threat that is out there and hardware failure is far more likely to destroy your data on a Mac than any theoretical computer virus that has yet to be seen on OSX. I, like you, have redundant backups of my backups, in off-site locations. I’m not going to put my business at risk to wishful thinking.
I did know what you were saying. . . But some claims of peril are so many sigmas on the far end of the bell curve that economically you don’t waste time or money on them. We have seen the sky is falling from the Windows crowd about Macs being just as vulnerable to computer viruses so many times that it gets ridiculous. It’s mere wishful thinking on their part.
Excellent recommendation, Basil. Long time no see -- how the heck are you? Best FReegards for the Easter holiday.
Oh, no. Don’t misunderstand me...I did not say they were just as vulnerable, because they aren’t.
But they aren’t invulnerable either. I don’t think you and I are that far apart.
I like the fact that you are an advocate for the platform, always have been. It is a good one...:)
Neither does Startpage.