"Dr. Web" anti-virus firm warns of new Mac Trojan

March 22, 2013 by Bob Yirka report
Credit: Doctor Web

(Phys.org) —Dr. Web, the Russian anti-virus firm has issued an announcement regarding malware infecting Mac computers—called Trojan.Yontoo.1, it makes its way to users' computers by tricking them into downloading it. Once installed, it tracks the user's Internet history and injects ads into websites, generating revenue for the people who created and unleashed the malware.

For years, have felt nearly immune to malware attacks—such computers rarely if ever got viruses, much less Trojans. But those days are over Dr. Web says, noting that they've seen a steady climb in malware on the Internet targeting Mac users since the beginning of the year. Impacted by this new Trojan are users of computers running OS X, with Safari, Chrome or Firefox browsers.

The Trojan is actually fairly straightforward, users wandering onto certain websites, attracted by the idea of watching movie trailers are told their viewing experience will be better if they install a program called "Free Twit Tube." If the user agrees, they are presented with a familiar looking pop-up asking if they'd like to continue. If they do so, the Trojan will be installed into all of the browsers on the computer. Dr. Web notes that there are variants of the initial ploy used to entice users—some advertise a new media player, another promises to speed up downloads, etc. The end result for all of them is the same, the user is redirected to another page where they are prompted to download the program, which actually does nothing except install its Trojan app into all available browsers.

Fortunately for Mac users, the Trojan.Yontoo.1 is both easy to spot and remove. It shows up as an app in all three browser types as "Yontoo," and thus can be disabled just like any other app, or deleted from the computer altogether.

The purpose of the Trojan appears to be a means for providing those that made it a way to create revenue for themselves by creating false page views by the people using the infected computers. Ads pop up on web sites that weren't meant to be there, and the perpetuators of the Trojan receive credit for them. Dr. advises users to only ever download programs or apps from reliable and/or well-known providers.

Explore further: Apple kicks SMS scam fraudsters to the curb

Related Stories

Apple kicks SMS scam fraudsters to the curb

December 14, 2012

(Phys.org)—Just what you never wanted. Mac-based malware, just ponder that phrase alone, not Windows-based but Mac-based, that tricks users into paying subscription fees. The malware masquerades as an installer for various ...

'Sabpab' Trojan seeks out Mac OS X

April 17, 2012

(Phys.org) -- Three compelling reasons that Mac loyalists say justify their love for Macs have been that Macs are 1) the prettiest computers around (2) ideal for any new-age brain that prefers visually rich knowledge work ...

Hackers pick Google's pocket with Mac virus

May 1, 2012

A virus infecting Macintosh computers is picking Google's pocket by hijacking advertising "clicks," tallying as much as $10,000 daily, according to Internet security firm Symantec.

Apple out to kill widespread Macintosh virus

April 11, 2012

Apple said it is crafting a weapon to vanquish a Flashback virus from Macintosh computers and working to disrupt the command network being used by hackers behind the infections.

Recommended for you

New method analyzes corn kernel characteristics

November 17, 2017

An ear of corn averages about 800 kernels. A traditional field method to estimate the number of kernels on the ear is to manually count the number of rows and multiply by the number of kernels in one length of the ear. With ...

Optically tunable microwave antennas for 5G applications

November 16, 2017

Multiband tunable antennas are a critical part of many communication and radar systems. New research by engineers at the University of Bristol has shown significant advances in antennas by using optically induced plasmas ...


Adjust slider to filter visible comments by rank

Display comments: newest first

1.8 / 5 (10) Mar 22, 2013
Really? Poor apple freaks...
1.9 / 5 (9) Mar 22, 2013
Hackers are probably on the anti-virus company's payroll.

Create a problem.
Create a "solution" and sell it.
Create a new problem.

Good business model, apparently.
2 / 5 (8) Mar 22, 2013
"Free Twit Tube"????

Its an IQ test. If you self-identify as a twit (or own a Mac) and download the trojan, you are a twit.
1.8 / 5 (5) Mar 22, 2013
Another test that ParkerTard has failed.

"Its an IQ test." - ParkerTard

2.2 / 5 (10) Mar 22, 2013
It's an I.Q. test, not "Its an IQ test." Who's the twit?
1.5 / 5 (8) Mar 23, 2013
yet another clone of vendicare the retard
1 / 5 (3) Mar 23, 2013
New record for thread degeneration....
not rated yet Mar 23, 2013
expanding into new markets to increase sales?
1 / 5 (4) Mar 23, 2013
"New record for thread degeneration...."

Here, I don't mind helping out:

Great, thanks for adding some anxiety to my porn experience.
1.7 / 5 (6) Mar 23, 2013
yet another clone of vendicare the retard
Oh yeah, and you're so original you made a sock puppet from a sock puppet.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.