Apple updates built-on anti-malware to block Yontoo adware

  • Liam Tung (CSO Online)
  • — 25 March, 2013 10:03

Apple has updated its built-in anti-malware to block Yontoo, a browser plugin for Chrome, Safari and Firefox on Mac that injects advertisements into Web pages.

Russian antivirus firm Dr Web reported the arrival of Yontoo for Macs last week, labeling it a trojan since it was deceptively promoted as a media player and several other tools. Once installed, the program presents ads that would not otherwise be present on a website.

The plugin is being distributed as part of an affiliate ad network program, according to Dr Web.

According to Mac antivirus vendor Intego, Apple added Yontoo to its XProtect last Friday and detects it as OSX.Adplugin.i.

[[xref:http://www.intego.com/mac-security-blog/apple-updates-xprotect-to-detect-yontoo-adware/ |Intego’s Lisa Myers|]] says that its testing revealed detection is “very specific and potentially location-dependent.”

“This extra specificity is likely there so as to catch only the surreptitious installations of this file,” she said. Myers noted previously that adware like Yontoo are often classified as “potentially unwanted” because they are created by legitimate companies but have potentially undesirable features -- like displaying ads or tracking user information. Software moves to the “darker side of grey” when the installation is sneaky, she said.

Indeed, Symantec defines the Windows version of Yontoo for browsers as “potentially unwanted software” made by Yontoo LLC, which calls its product an “application platform that allows you to control the websites you visit everyday”.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Tags: Apple, adware, Yontoo, malware

Storing in the cloud securely: 30 services compared

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Authentication

RSA offers a wide range of strong two-factor authentication solutions to help organizations assure user identities and meet compliance requirements.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.