New 'Yontoo' Adware Trojan Targets Major Browsers on OS X

Russian security firm Doctor Web this week highlighted a new trojan (via The Next Web) affecting OS X systems and which installs an adware plug-in capable of injecting ads into users' browsing experience.

As with other trojans, this new Yontoo malware relies on tricking users into installing the package, which in this case masquerades as a movie trailer video plug-in, download accelerator, or other software a user might believe they want or need on their system.

When launched, Trojan.Yontoo.1 displays a dialogue window that asks the user if they want to install Free Twit Tube.

However, after the user presses ‘Continue’, instead of the promised program, the Trojan downloads (from the Internet) and installs the plugin Yontoo for Safari, Chrome and Firefox. These browsers are most popular among Mac OS X users. While a user surfs the web, the plugin transmits information about the loaded pages to a remote server.

In return, it gets a file that enables the Trojan to embed third-party code into pages visited by the user.

As an example of Yontoo's capabilities, Doctor Web shows how ads can be injected into apple.com once the plug-in has been unwittingly installed by the user.

apple_com_adware
Compared to Windows, OS X has long been a relatively unpopular target for malware authors, but attacks targeting Apple customers have been on the rise. Many of the most highly publicized attacks come via trojans that rely on tricking users into granting installation privileges, while third-party platforms such as Java have also frequently been used to inject code into Mac systems.

Apple has been increasing its efforts to fight malware, introducing a rudimentary anti-malware functionality in OS X Snow Leopard and an enhanced Gatekeeper system in OS X Mountain Lion. Apple has also increasingly been blocking vulnerable versions of Java until Oracle is able to release patched versions of its plug-ins.

Top Rated Comments

Slix Avatar
103 months ago
Want to install Free Twit Tube?

Seems legit. :rolleyes:
Score: 20 Votes (Like | Disagree)
litmag01 Avatar
103 months ago
Say YES to everything unless it asks to continue.

In that case, press CONTINUE and enter bank account number, routing number and any pertinant passwords.
Score: 18 Votes (Like | Disagree)
anzio Avatar
103 months ago
It's times like this that I'm glad that OS X has XProtect.

Oh yeah. And I'm happy I also wield common sense. :)
Score: 14 Votes (Like | Disagree)
Pechente Avatar
103 months ago
Wow, a user can be tricked to actively install harmful software - a serious flaw in OS X!
Score: 11 Votes (Like | Disagree)
Apple_Robert Avatar
103 months ago

Macs were never as secure as PCs but they were unpopular enough that nobody bothered to attempt to exploit them. Now it seems that every other day there's another massive security flaw found in Mac OS X.


What security flaw are you referring to with this story?
Score: 9 Votes (Like | Disagree)
vmistery Avatar
103 months ago

Macs were never as secure as PCs but they were unpopular enough that nobody bothered to attempt to exploit them. Now it seems that every other day there's another massive security flaw found in Mac OS X.


You missed patch Tuesday then?
Score: 9 Votes (Like | Disagree)

Top Stories

magsafecasedangle

Apple Elaborates on Potential for iPhone 12 and MagSafe Accessories to Interfere With Implantable Medical Devices

Saturday January 23, 2021 2:42 pm PST by
Since the launch of iPhone 12 models in October, Apple has acknowledged that the devices may cause electromagnetic interference with medical devices like pacemakers and defibrillators, but the company has now shared additional information. Apple added the following paragraph to a related support document today:Medical devices such as implanted pacemakers and defibrillators might contain...
Top Stories 44 Feature

Top Stories: 'Thinner and Lighter' MacBook Air, Smaller iPhone 13 Notch, iOS 14.4 Incoming

Saturday January 23, 2021 6:00 am PST by
We continued to hear a lot more about Apple's plans for its Mac lineup this week, including word of a high-end redesigned MacBook Air and the return of an SD card slot as part of the upcoming MacBook Pro redesign. It also sounds like Apple has been working on Face ID for Mac, but it won't be appearing in a redesigned iMac this year as originally planned. This week also saw rumors about the...
bloodoxygenapplewatch

Apple Watch Series 7 Rumored to Feature Blood Glucose Monitoring

Monday January 25, 2021 5:05 am PST by
The Apple Watch Series 7 will reportedly feature blood glucose monitoring via an optical sensor, according to ETNews. The report, which mainly focuses on the blood glucose capabilities of the Samsung Galaxy Watch 4, explains that Apple is intending to bring blood glucose monitoring to the upcoming Apple Watch Series 7 using a non-invasive optical sensor. Measuring blood glucose levels,...
maxresdefault

Microsoft Touts Surface Pro 7 as 'The Better Choice' Over MacBook Pro in New Ad

Saturday January 23, 2021 11:02 am PST by
Microsoft yesterday shared a new ad on YouTube titled "Microsoft Surface Pro 7: The Better Choice," in which the company compares its tablet computer to Apple's 13-inch M1 MacBook Pro, as spotted by MSPoweruser. The ad highlights the Surface Pro 7's touchscreen and included stylus as opposed to only a "little bar" (the Touch Bar) on the MacBook Pro. Other advantages of the Surface Pro 7...
airpods galaxy buds comparison

Samsung Galaxy Buds Pro vs. Apple AirPods Pro

Friday January 22, 2021 2:34 pm PST by
Samsung in January unveiled new flagship Galaxy S21 smartphones and alongside the new phones, introduced the $200 Galaxy Buds Pro, which are priced at $199 and offer Active Noise Cancellation. Subscribe to the MacRumors YouTube channel for more videos. These new Galaxy Buds Pro are clearly designed to compete with Apple's AirPods Pro, so we thought we'd compare the two sets of earbuds in our...
2021 mbp sd slot feature2

Bloomberg: Next MacBook Pro to Feature SD Card Reader

Friday January 22, 2021 7:50 am PST by
Last week, reputable analyst Ming-Chi Kuo outlined his expectations for new 14-inch and 16-inch MacBook Pro models later this year, including the return of the MagSafe charging connector, the removal of the Touch Bar, a new flat-edged design, and the return of more ports built into the notebooks for expanded connectivity. A concept of a modern MacBook Pro with an SD card reader Kuo did not...
time to walk apple watch

Apple Fitness+ Feature 'Time to Walk' Launching Soon With Audio Stories From Special Guests

Saturday January 23, 2021 7:13 pm PST by
Earlier this week, Apple seeded the watchOS 7.3 Release Candidate, which is typically the final beta version of a software update. The release notes for the update list a new "Time to Walk" feature for Apple Fitness+ subscribers, described as "an audio experience in the Workout app where guests share inspiring stories as you walk." Apple Fitness+ subscribers will be able to open the Workout...
Flat MacBook Air Feature

Bloomberg: Apple Working on 'Thinner and Lighter' High-End MacBook Air With MagSafe, Could Launch in Second Half of 2021

Friday January 22, 2021 3:34 am PST by
Apple is working on a "thinner and lighter" version of the MacBook Air that the company plans to release during the second half of this year at the earliest or in 2022, according to a new report by well-connected Bloomberg journalist Mark Gurman. It will include Apple's MagSafe charging technology and a next-generation version of the company's in-house Mac processors. Apple has discussed...
q4 2020 mac growth feature

Mac Sales Skyrocketing After M1 Launch

Tuesday January 19, 2021 3:00 am PST by
Apple's worldwide Mac shipments grew massively in the fourth quarter of 2020 after the launch of three new Macs with the M1 chip, according to new PC shipping estimates shared by Gartner. Apple shipped an estimated 6.9 million Macs, up from the 5.25 million it shipped at the same time in 2019, marking significant growth of 31.3 percent. In spite of the growth of Mac sales, Apple remained...
apple time to walk apple watch airpods 01252021 inline

Apple's New 'Time to Walk' Feature Launches Today for Fitness+ Subscribers

Monday January 25, 2021 6:30 am PST by
Apple today officially introduced Time to Walk, a new feature for Apple Fitness+ subscribers with audio stories from influential people that Apple Watch users can listen to with AirPods or other wireless headphones while walking. Time to Walk episodes will be automatically downloaded to the Apple Watch with a Fitness+ subscription, and users can start an episode directly from the Workout...