No One Can Afford an Attack - Find the best Cybersecurity Pros to Protect Your Business Data
Welcome Guest | Sign In

Yontoo Trojan Unleashes Adware Assault on Mac Browsers

By Erika Morphy MacNewsWorld ECT News Network
Mar 21, 2013 3:38 PM PT

New malware is making the rounds with Mac users in its sights: Yontoo.1 can download and install an adware browser plug-in to an infected system.

Yontoo Trojan Unleashes Adware Assault on Mac Browsers

Adware for Mac OS X has been increasing since the beginning of this year, according to Doctor Web, the antivirus company that identified Yontoo.1, but so far it is the most prominent of them all.

How It Works

There are several ways criminals interested in targeting Mac users are getting Yontoo.1 onto Macs, Doctor Web said.

For example, there are movie trailer pages that prompt users to install a browser plug-in.

After clicking on the prompt, a user is redirected to a site where Yontoo.1 is downloaded. The Trojan then installs the plug-in Yontoo for Safari, Chrome and Firefox. While the user surfs the Web, the plug-in transmits information about the loaded pages to a remote server.

The Trojan also embeds third-party code into pages visited by the user, which is how an page, for example, is displayed on an infected machine.

Yontoo.1 is also masquerading as a media player, a video quality enhancement program, or a download accelerator.

Why Macs?

News of the adware might come as a shock to the average Mac user, who has been schooled in the notion that Macs don't get viruses because it is not worthwhile for malware writers to target them.

That theory hasn't been true for a while -- if it ever was, Richard Wang, manager of SophosLabs US, told MacNewsWorld.

"Macs have been targets for some time," he said. "Their numbers are far fewer than PCs, and they are less commonly attacked, but they are definitely not immune to online criminals."

Which operating system to target is not an either/or choice for cybercriminals, Wang added. They don't have to decide between PCs and Macs. "They can choose to attack both."

Yontoo isn't exclusively Mac-focused, noted Tim Erlin, director of IT security and risk strategy at nCircle.

"Symantec noted in December of 2012 that the original revision was targeted at Windows systems," he told MacNewsWorld.

"The idea that Macs are more secure is the result of Apple's skillful marketing," Erlin continued.

"The truth is that Macs are plagued with the same vulnerabilities as any other platform," he said, "and the reality is they may have even more vulnerabilities than other platforms because they haven't been subject to the same scrutiny over time."

Facebook Twitter LinkedIn Google+ RSS
What should be done about UFOs?
World governments should cooperate to address a potential planetary threat.
The DoD should investigate -- they could signal a hostile nation's tech advances.
The government should reveal what it already knows.
The government probably has good reasons for secrecy and should be trusted on this.
Wealthy corporate space-age visionaries should take the lead.
Nothing. Studying UFOs is a waste of resources.
Keep the stories coming. People love conspiracy theories, and it's fun to speculate.