Posted on 03/21/2013 1:18:06 PM PDT by Ernest_at_the_Beach
A new virus specific to Mac has been discovered by Russian security firm Doctor Web. Named Trojan.Yontoo.1, the virus injects ads into webpages on the infected machine.
The malware works by installing an adware plugin into any of the popular browsers then overlays an advertisement in key locations on webpages. Doctor Web says that this trojan is just another piece of a large adware puzzle that has been infecting OS X for some time now.
The virus can be caught in several different ways, with the most popular method being the use of movie trailer pages in which users must install a plugin to view the content. Other methods of injection have been media player enhancement programs and download accelerators. One indication of infection is that when launched, Trojan.Yontoo.1 will prompt users to install a program called "Free Twit Tube" or something similar.
No information has been released from Apple on a removal tool yet, and it is expected that Apple will just patch its XProtect.plist which already blocks about 15 previous malware attacks. The best thing is to avoid any installs from unknown websites or anything that has a funny name. Remember, Google is your friend and if you are unsure of an application's validity, a five second search could prevent an infection. Be smart.
SOURCE #1
fyi
Great post except for the above, which means "all your keystroke are belong to us." It's good to use a search proxy like Startpage.
Thanks again for the helpful Mac info.
bumpage4later
Sounds like it would work with Windows or Linux....if someone hacker did the work ....
Impossible. Macs don’t get viruses.
/s
MAC bump
That's why Norton, Mcafee, Webroot, etc,etc,etc. sell Anti-Virus utilities for Mac.
Heh, I usually hear that from people who don't know anything about computers, or who don't know anythings about Macs.
People who DO know anything about computers don't say that.
Technically this is not a virus it is a Trojan.
It appears that the user has to help out by approving and downloading something to get infected.
Human engineering.
The only search engine I use is called GoodSearch.com
I’ve been using it for years, now, and I find it is excellent!
The other good thing about GoodSearch is that when you first use it, it asks you to name a charity that you support. After you do that, it throws a few pennies to that charity every time you use it.
I listed my “charity” as Second Amendment Sisters in this way. We are a non-profit organization.
You don’t make a lot of money—but we have gotten a couple of checks for around $100.
In other words, they trick you into typing in the root password.
If you’re willing to type in the root password for anything that asks for it, you’re not much of a Unix Sysadmin.
And I am sure they are all HUGH sellers, too.
In other words, they trick you into typing in the root password.If you’re willing to type in the root password for anything that asks for it, you’re not much of a Unix Sysadmin.
Oh. Thank you for explaining it in terms I could comprehend, proxy_user. It suddenly makes sense!
Any computer user stupid enough to fall for this ploy ALMOST deserves what they get. I say ALMOST, because nobody, no matter how stupid, deserves to have their computer messed with by a remote A-hole.
ping. look at the search engine recommendation
South Korean Banks, Media Companies Targeted by Destructive Malware
It is sponsored by Yahoo, right?
It is nice to support charity, but I prefer DuckDuckGo, which doesn’t track you, at least so far.
Been using Macs since 1982, and never had a virus/trojan/malware problem yet.
And I am on the ‘net constantly. Just anecdotal, I know. Will wait for Swordmaker to post.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.