"Dr. Web" anti-virus firm warns of new Mac Trojan

“Dr. Web” anti-virus firm warns of new Mac Trojan
Credit: Doctor Web

(Phys.org) —Dr. Web, the Russian anti-virus firm has issued an announcement regarding malware infecting Mac computers—called Trojan.Yontoo.1, it makes its way to users' computers by tricking them into downloading it. Once installed, it tracks the user's Internet history and injects ads into websites, generating revenue for the people who created and unleashed the malware.

For years, have felt nearly immune to malware attacks—such computers rarely if ever got viruses, much less Trojans. But those days are over Dr. Web says, noting that they've seen a steady climb in malware on the Internet targeting Mac users since the beginning of the year. Impacted by this new Trojan are users of computers running OS X, with Safari, Chrome or Firefox browsers.

The Trojan is actually fairly straightforward, users wandering onto certain websites, attracted by the idea of watching movie trailers are told their viewing experience will be better if they install a program called "Free Twit Tube." If the user agrees, they are presented with a familiar looking pop-up asking if they'd like to continue. If they do so, the Trojan will be installed into all of the browsers on the computer. Dr. Web notes that there are variants of the initial ploy used to entice users—some advertise a new media player, another promises to speed up downloads, etc. The end result for all of them is the same, the user is redirected to another page where they are prompted to download the program, which actually does nothing except install its Trojan app into all available browsers.

Fortunately for Mac users, the Trojan.Yontoo.1 is both easy to spot and remove. It shows up as an app in all three browser types as "Yontoo," and thus can be disabled just like any other app, or deleted from the computer altogether.

The purpose of the Trojan appears to be a means for providing those that made it a way to create revenue for themselves by creating false page views by the people using the infected computers. Ads pop up on web sites that weren't meant to be there, and the perpetuators of the Trojan receive credit for them. Dr. advises users to only ever download programs or apps from reliable and/or well-known providers.


Explore further

Apple kicks SMS scam fraudsters to the curb

© 2013 Phys.org

Citation: "Dr. Web" anti-virus firm warns of new Mac Trojan (2013, March 22) retrieved 17 May 2021 from https://phys.org/news/2013-03-dr-web-anti-virus-firm-mac.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
0 shares

Feedback to editors

User comments