Apple Updates Anti-Malware System to Block Yontoo Mac Trojan
Apple has already blocked the Trojan Yontoo 1 adware for Mac, detected by the Russian anti-virus firm Dr. Web. According to another security software company, Intego (via Ars Technica), Apple has updated the definitions used in OS X’s Xprotect.plist, which will automatically detect the trojan, so Mac users can relax – you don’t need to run any special software to stay protected.
As we previously informed, the Yontoo Trojan developers have crafted sites that prompt the user to install a missing browser plugin to view the content – which in one scenario can be a HD movie teaser. The most alarming thing was that it targeted major browsers, like Safari, Chrome and Firefox.
Since this Yontoo is adware, the “missing plugin” users installed injected advertising into the websites the user visited, including Apple.com.
While the ads themselves could be something users can bypass easily, despite being annoying, it’s the worst-case scenario that raised the red flag: The Trojan could inject other malicious code as well.
However, as Apple has updated the Xprotect.plist, it’s unlikely OS X users will get infected by accidentally installing the adware.