Forgot your password?
typodupeerror
Botnet OS X Security Apple

New OS X Trojan Adware Injects Ads Into Chrome, Firefox, Safari 129

Posted by timothy
from the long-sloping-path-down dept.
An anonymous reader writes "A new trojan specifically for Macs has been discovered that installs an adware plugin. The malware attempts to monetize its attack by injecting ads into Chrome, Firefox, and Safari (the most popular browsers on Apple's desktop platform) in the hopes that users will generate money for its creators by viewing (and maybe even clicking) them. The threat, detected as "Trojan.Yontoo.1" by Russian security firm Doctor Web, is part of a wider scheme of adware for OS X that has "been increasing in number since the beginning of 2013," according to the company."
This discussion has been archived. No new comments can be posted.

New OS X Trojan Adware Injects Ads Into Chrome, Firefox, Safari

Comments Filter:
  • uh oh (Score:5, Interesting)

    by slashmydots (2189826) on Thursday March 21, 2013 @02:24PM (#43237225)
    Yontoo Layers is a "legitimate" advertising program that just barely complies with US laws. I find it on at least 1 in 3 customer computers at my shop. It has a legit uninstaller and asks for permission to install by piggybacking on freeware and installer framers like download.com's new atrocity. So to call it a trojan is just asking for another Symantec style lawsuit for defamation, etc. You have to call it "possibly unpopular software" now. And if this is coincidentally another Yontoo unrelated to the actual company, that's a whole new depth of deep shit they're in for naming it that. That'd be right up there with naming it Pepsi.
  • Better Question (Score:5, Interesting)

    by Deathlizard (115856) on Thursday March 21, 2013 @02:33PM (#43237335) Homepage Journal

    Can Someone explain to me why Yontoo is detected on the Mac Platform but on Windows it's totally ok.

    While we're at it, why are any of these still not detected by any malware scanner. Even as a Potentially Unwanted Program? I'm sure just about anything listed here does a lot more malicious stuff than anything spyware like Gator ever did.

    Anything from Conduitt
    Anything from Mindspark Interactive
    myfuncards
    arcadecandy
    arcadeweb
    funweb
    freeze.com
    pricegong
    getsavin
    coupon wonderland
    fantistigames
    big fish games
    quiklinkx
    defaulttab
    mywebsearch
    we care ASCPA Reminder (my personal favorite. When you uninstall it, it basically accuses you of wanting to kill puppies.)
    shop to win
    inbox toolbar
    anything from Crawler
    24x7 help
    blekko
    dealply
    ETC

    Most of the above either popup ads, install, or trick users into installing more junk like registry scanners, fake flash players and the like. Yet almost no scanner I've found short of JRT or ADWcleaner gets rid of these things.

    It's about time these AV companies wake the heck up and realize that Spyware is back disguising itself as adware and is more prevalent than ever,

  • Re:Inb4 apple h8rz (Score:2, Interesting)

    by Wookact (2804191) on Thursday March 21, 2013 @04:10PM (#43238587)
    Actually in the world of communications, misunderstandings are the speakers fault, and not the listeners fault.

    Apple intentionally mislead people. It does not matter if they are technically correct, they left out key information that would have assisted the listener in understanding the issue better. That makes it AOK in my book at least to gripe about the fact that Apple mislead the pleebs.

    Food for thought::
    Bill Clinton said he did not have sex with Monica, and he didn't, and people still got pissed at him for "lying". Why is that?

In order to dial out, it is necessary to broaden one's dimension.

Working...