back to article Adware-flinging Yontoo yahoos target Mac users: You like trailers, right fanboi?

Miscreants are coining it by infecting fanbois beloved Apple boxes with a well-known ad-injecting Trojan previously only found on Windows machines. Trojan.Yontoo.1, the specially crafted Mac OS X version, penetrates computers running OS X by offering what purports to be a browser plugin necessary to view content, but is …

COMMENTS

This topic is closed for new posts.
  1. Gordon Fecyk
    Headmaster

    "Windows" Adware?

    Windows adware hasGreedy advertisers have been a problem for years.

    Low hanging fruit, easy target, cheap shot. Un-called for.

    By the way, Mac users, easy way to protect yourself against greedy advertisers: Don't download stuff willy-nilly from the internet, and don't use an admin account for your daily work.

    1. Anonymous Coward
      Anonymous Coward

      Re: "Windows" Adware?

      Same as Windows users then?

    2. toadwarrior

      Re: "Windows" Adware?

      It pops up an installer and requires the root password. Anyone dumb enough to accept all that from some mysterious program is beyond help.

    3. Anonymous Coward
      Linux

      Re: "Windows" Adware?

      >"By the way, Mac users, easy way to protect yourself against greedy advertisers"

      Easy way for Mac users to protect themselves - Get a Chromebook.

    4. LarsG

      Re: "Windows" Adware? -amazing

      A story about malware adware that isn't about Android.

      How refreshing.

    5. Mondo the Magnificent
      Thumb Up

      Re: "Windows" Adware?

      Spot on with that. It seems as if most malware is activated by unwary users who believe that they are "not prone to any risk because we run a Mac"

      Irrespective of the OS, if you authorise an installation, you will be stung...

  2. Justice
    Devil

    That'll upset the Apple Cart(el)

    Looks like Macs have finally grown in enough numbers to warrant the attention of the evilnet.

    I'm betting this will put paid to the ancient 'we don't get viruses' boast so often chimed by the minority.

    1. Dan Beshear

      Re: That'll upset the Apple Cart(el)

      How much? I'll bet it won't stop any such boast.

      Fanbois aren't really in danger. It's the grannies that believe everything they read from the computer screen that are in danger with them.

    2. toadwarrior

      Re: That'll upset the Apple Cart(el)

      They don't providing you're not so stupid to assume you should go through some random installer asking for your root password.

      1. Chet Mannly

        Re: That'll upset the Apple Cart(el)

        "some random installer asking for your root password."

        You mean the installer for the plugin they downloaded to install????

        Your fanboism is showing... (and this is being typed on a Macbook...)

  3. TeeCee Gold badge
    Windows

    "...prompt users to install a browser plugin supposedly need to view content ..."

    I suppose they had to move to targetting Macs.

    I don't think Windows users fall for the old "U can haz codecs, yes?" trick any more.

  4. Mystic Megabyte
    Unhappy

    There is a flaw in Firefox The only prompt you get is one that says "You need an additional plug-in to view this content"

    What plug-in? It would be nice to have some more information before you accept the offer.

    This is version 19.0.2 but it has been like this for previous releases.

    1. Elmer Phud
      WTF?

      EH?

      As a FF user you get a message like that and go for the plug-in?

      Good grief.

  5. Inachu
    IT Angle

    See

    TO see the man and woman going at it like bunny rabbits you will need to updates your video codec cache.

  6. Henry Wertz 1 Gold badge
    Trollface

    ""Windows" Adware? "

    Yes. Adware that runs on Windows. Since this is an article about adware for Mac, and adware on them hasn't been a significant problem before, it would be unclear to just say "adware has been a problem for years", since really it hasn't except on Windows.

    That said... it's real simple. If a dodgey site claims you need their special video player, video plugin, or download accelerator, they are lying, simple as that.

    "I'm betting this will put paid to the ancient 'we don't get viruses' boast so often chimed by the minority."

    Nope! There've been (a very few) viruses for Macs since the 1980s. The fanbois just like to keep repeating the line that Macs don't get viruses. (Along with the baffling claims that Apple released the first mp3 player and smartphone... even though they'd been out for years before they released theirs.)

    1. Elmer Phud
      Facepalm

      Virus?

      "There've been (a very few) viruses for Macs since the 1980s"

      The article is about a Trojan -- not a virus.

      This isn't the Sun y'know.

  7. Peter 39

    Maybe no-one noticed that Apple blocked it already ?

    "The post is required, and must contain letters."

    It does seem that Apple is getting attentive to security issues. It has taken a while but, if this is any indication, the reaction time has improved considerably.

  8. Anonymous Coward
    Unhappy

    "Cybercrooks profit from the malware by tapping into affiliate ad network programmes."

    Affiliate ad network programs, of course, also benefit handsomely.

    But despite this, and despite the fact that without the affiliate ad networks, these particular cybercrooks' business model would be kaput, nobody in the IT press ever calls out said affiliate networks for happily laundering money through their ads, straight into the pockets of the VXers.

    Way, way back when, when the 'CoolWebSearch' hijack was going all over the place, I did a rather excruciatingly detailed chunk of research into where the money went. The hijack reset your browser's startup page to a haphazard 'search' site slathered with banner ads. The site, of course, was hosted on some bulletproof server out of China or Russia, but all of the banner ads were 'legit' stuff - and clicks shot right back through to big ad companies like Overture and Doubleclick. I tracked all of it down, complete with IP addresses, ISP info, etc, and called the major players who were involved. The ones who bothered to respond essentially said they didn't give a hot god damn where the traffic came from, that they had policies for their affiliates and it was the affiliates' job to make sure they were playing by the book.

    Convenient. They have a policy; their hands are tied; can't blame them!

    I was discussing all of this with a reasonably well-known tech journo at the time, and when I put the story together he pitched it to his editor. The editor was apparently impressed, as was the journo; unfortunately, someone from a bit further up the totem pole decided that it shouldn't run.

    The site, of course, was ad-supported...

  9. Anonymous Coward
    FAIL

    Apple boxes Infected by adware?

    So, they have to visit this adware site and download and install the browser plugin in order to get "infected".

This topic is closed for new posts.

Other stories you might like