New 'Yontoo' Adware Trojan Targets Major Browsers on OS X

Russian security firm Doctor Web this week highlighted a new trojan (via The Next Web) affecting OS X systems and which installs an adware plug-in capable of injecting ads into users' browsing experience.

As with other trojans, this new Yontoo malware relies on tricking users into installing the package, which in this case masquerades as a movie trailer video plug-in, download accelerator, or other software a user might believe they want or need on their system.

When launched, Trojan.Yontoo.1 displays a dialogue window that asks the user if they want to install Free Twit Tube.

However, after the user presses ‘Continue’, instead of the promised program, the Trojan downloads (from the Internet) and installs the plugin Yontoo for Safari, Chrome and Firefox. These browsers are most popular among Mac OS X users. While a user surfs the web, the plugin transmits information about the loaded pages to a remote server.

In return, it gets a file that enables the Trojan to embed third-party code into pages visited by the user.

As an example of Yontoo's capabilities, Doctor Web shows how ads can be injected into apple.com once the plug-in has been unwittingly installed by the user.

apple_com_adware
Compared to Windows, OS X has long been a relatively unpopular target for malware authors, but attacks targeting Apple customers have been on the rise. Many of the most highly publicized attacks come via trojans that rely on tricking users into granting installation privileges, while third-party platforms such as Java have also frequently been used to inject code into Mac systems.

Apple has been increasing its efforts to fight malware, introducing a rudimentary anti-malware functionality in OS X Snow Leopard and an enhanced Gatekeeper system in OS X Mountain Lion. Apple has also increasingly been blocking vulnerable versions of Java until Oracle is able to release patched versions of its plug-ins.

Top Rated Comments

Slix Avatar
125 months ago
Want to install Free Twit Tube?

Seems legit. :rolleyes:
Score: 20 Votes (Like | Disagree)
litmag01 Avatar
125 months ago
Say YES to everything unless it asks to continue.

In that case, press CONTINUE and enter bank account number, routing number and any pertinant passwords.
Score: 18 Votes (Like | Disagree)
anzio Avatar
125 months ago
It's times like this that I'm glad that OS X has XProtect.

Oh yeah. And I'm happy I also wield common sense. :)
Score: 14 Votes (Like | Disagree)
Pechente Avatar
125 months ago
Wow, a user can be tricked to actively install harmful software - a serious flaw in OS X!
Score: 11 Votes (Like | Disagree)
Apple_Robert Avatar
125 months ago
Macs were never as secure as PCs but they were unpopular enough that nobody bothered to attempt to exploit them. Now it seems that every other day there's another massive security flaw found in Mac OS X.

What security flaw are you referring to with this story?
Score: 9 Votes (Like | Disagree)
vmistery Avatar
125 months ago
Macs were never as secure as PCs but they were unpopular enough that nobody bothered to attempt to exploit them. Now it seems that every other day there's another massive security flaw found in Mac OS X.

You missed patch Tuesday then?
Score: 9 Votes (Like | Disagree)

Popular Stories

ipad pro m1 feature

Gurman: Apple Event This October Remains Unlikely, No Touch ID for iPhone 15

Sunday October 2, 2022 6:41 am PDT by
Apple is developing new iPad Pro, Mac, and Apple TV models, and at least some of these products will be released in October, according to Bloomberg's Mark Gurman. However, Gurman continues to believe that Apple is unlikely to hold an event this month. In the latest edition of his Power On newsletter, Gurman said "the big iPhone 14 unveiling last month was probably it for Apple in 2022 in...
maxresdefault

Apple Responds to Video Testing Crash Detection Feature With Junkyard Vehicles

Friday September 30, 2022 9:11 am PDT by
The Wall Street Journal's Joanna Stern recently traveled to Michigan to test Apple's new crash detection feature on the iPhone 14 and Apple Watch Ultra. In response, Apple provided some additional information about how the feature works. Stern recruited Michael Barabe to crash his demolition derby car with a heavy-duty steel frame into two unoccupied vehicles parked in a junkyard — a 2003...
Hero0005

Best Apple Deals of the Week: M2 MacBook Air Hits New All-Time Low Price at $1,049, Plus Sales on AirPods Pro and More

Friday September 30, 2022 9:05 am PDT by
This week's best Apple deals focus on the AirPods Pro, AirPods Pro 2, and M2 MacBook Air, including numerous all-time low prices on these devices. You'll also find up to 50 percent off discounts on Anker and Eufy accessories on Amazon. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us...
Apple SIM Card

Apple SIM No Longer Available for Activating New Cellular Data Plans on iPads

Sunday October 2, 2022 8:04 am PDT by
As of October 1, Apple SIM is no longer available for activating new cellular data plans on supported iPad models, according to an Apple support document. Introduced in 2014, the Apple SIM was designed to allow iPad users to activate cellular data plans from multiple carriers around the world. Initially, the Apple SIM was a physical nano-SIM card, but it was embedded inside later iPad Pro...
iphone 14 pro max vs 13 max 2

Camera Comparison: iPhone 14 Pro Max vs. iPhone 13 Pro Max

Thursday September 29, 2022 7:44 am PDT by
The iPhone 14 Pro and Pro Max introduce some major improvements in camera technology, adding a 48-megapixel lens and low-light improvements across all lenses with the new Photonic Engine. We've spent the last week working on an in-depth comparison that pits the new iPhone 14 Pro Max against the prior-generation iPhone 13 Pro Max to see just how much better the iPhone 14 Pro Max can be. Subscrib ...
iOS 16 Wallpaper Spectrum Feature

Five Wallpaper Apps to Check Out for iOS 16's New Lock Screen Depth Effect

Thursday September 29, 2022 9:08 am PDT by
One of the biggest new features in iOS 16 is a completely redesigned iPhone Lock Screen. The new Lock Screen is entirely customizable, letting you change the colors and fonts, add widgets and new wallpapers, and more to make your iPhone uniquely yours. Of course, even before iOS 16, you could customize your Lock Screen with a wallpaper of your choice. iOS 16 takes the Lock Screen wallpaper...
top stories 1oct2022

Top Stories: Stage Manager Expands to Older iPad Pro Models, No October Apple Event?

Saturday October 1, 2022 6:00 am PDT by
While we had been expecting a follow-up October Apple event focused on Mac and iPad announcements, it sounds like we might not be getting another event after all. Instead, the pending updates in those product segments could be considered minor enough that they may be announced via press releases. It wasn't all bad news, however, with Apple announcing that it will be expanding an on-device...
iOS 16

Apple Preparing iOS 16.0.3 With More Bug Fixes Following iPhone 14 Launch

Monday October 3, 2022 7:53 am PDT by
iOS 16.0.2 was released last month with several bug fixes for iPhone 14 issues, excessive copy and paste permission prompts, and more. Now, evidence suggests that Apple is planning to release iOS 16.0.3 with additional bug fixes. Evidence of an upcoming iOS 16.0.3 software update has shown up in MacRumors analytics logs, which have been a reliable indicator in the past. There are several...
dynamic island alan dye

Apple Executives Talk About iPhone 14 Pro's Dynamic Island in New Interview

Sunday October 2, 2022 10:48 am PDT by
In a new interview, Apple's senior vice president of software engineering, Craig Federighi, and Apple's vice president of human interface design, Alan Dye, sat down to discuss the thinking behind the iPhone 14 Pro's Dynamic Island and how it was developed. During the interview with the Japanese magazine Axis, Federighi, who oversees the development of iOS, said Dynamic Island represents the...