Trojan.Yontoo.1, a trojan that targets Mac users, has been increasing in number since the beginning of the year, reports Dr. Web. The trojan inserts ads into webpages on the infected computer.
To spread the Trojan, criminals crafted movie trailer pages that prompt users to install a browser plugin. In fact, the prompt only imitates a common dialogue displayed when a plugin needs to be installed or additional configuration is necessary. After clicking on ‘Install the plug-in’, the user is redirected to another site from which Trojan.Yontoo.1 is downloaded.
While an infected user surfs the web, the plugin then transmits information about the loaded pages to a remote server. In return, it receives a file that can embed third-party code into the webpages. For example, you can see ads injected into an Apple webpage in the screenshot below...
Dr. Web says that its software detects the trojan as Adware.plugin.
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (7)
Comments are closed for this article.
0
JonaㅜㅐㅅN - March 25, 2013 at 1:03am
When trying to install the plugin, look at the installer name: FreeTwitTube. While this was a plugin allowing you to tweet on YouTube vids, this was trying to disguise itself as THAT plugin.
0
alain.j - March 22, 2013 at 9:26am
totally agree with Rod!
i wouldn't even call this a trojan, i would call it a plugin that YOU manually install on YOUR mac, that connects to a server and shares information.
Apple and anti-viruses shouldn't be worrying about people scrambling their macs on their own!!
0
Mirko Trojan - March 21, 2013 at 5:13pm
Hey! I am not targeting anyone ! :D
0
Wood1030 - March 21, 2013 at 4:26pm
I see that Safari browser is depicted in this story but, does it matter what browser is used to be vulnerable to this Trojan, or can we use anther to avoid said trojan?
0
Joe - March 21, 2013 at 4:21pm
Uninstall the plugin.
0
Gonzalez - March 21, 2013 at 4:19pm
How do I remove this Trojan?
0
DigiHead - March 22, 2013 at 8:23am
Wait for week or so, apple will release security update and all this crap will be gone
![Anthropic Mocks ChatGPT Ads in Super Bowl Spot, Altman Fires Back [Video]](/images/news/99846/99846/99846-160.jpg "Anthropic Mocks ChatGPT Ads in Super Bowl Spot, Altman Fires Back [Video]")
![Apple Releases macOS Tahoe 26.3 RC to Developers [Download]](/images/news/99842/99842/99842-160.jpg "Apple Releases macOS Tahoe 26.3 RC to Developers [Download]")
![Apple Seeds watchOS 26.3 RC, tvOS 26.3 RC, and visionOS 26.3 RC to Developers [Download]](/images/news/99840/99840/99840-160.jpg "Apple Seeds watchOS 26.3 RC, tvOS 26.3 RC, and visionOS 26.3 RC to Developers [Download]")
![Apple Releases iOS 26.3 RC and iPadOS 26.3 RC to Developers [Download]](/images/news/99839/99839/99839-160.jpg "Apple Releases iOS 26.3 RC and iPadOS 26.3 RC to Developers [Download]")
![iPad Air (M3) Drops to Lowest Price of the Year at $489.99 [Deal]](/images/news/99843/99843/99843-160.jpg "iPad Air (M3) Drops to Lowest Price of the Year at $489.99 [Deal]")
![Beats Powerbeats Pro 2 Drop to $199.95 [Deal]](/images/news/99815/99815/99815-160.jpg "Beats Powerbeats Pro 2 Drop to $199.95 [Deal]")
![Apple Watch Series 11 Drops Back to All-Time Low of $299 [Deal]](/images/news/99283/99283/99283-160.jpg "Apple Watch Series 11 Drops Back to All-Time Low of $299 [Deal]")
![Apple AirPods 4 With Active Noise Cancellation Drop to $119 [Deal]](/images/news/99794/99794/99794-160.jpg "Apple AirPods 4 With Active Noise Cancellation Drop to $119 [Deal]")
![AirPods Pro 3 Return to All-Time Low Price of $199 [Deal]](/images/news/99752/99752/99752-160.jpg "AirPods Pro 3 Return to All-Time Low Price of $199 [Deal]")
