TNW reported on a new trojan discovered by Russian website Doctor Web that installs adware on Macs running all three of most popular browsers: Safari, Firefox and Chrome. Doctor Web demonstrated that the Trojan.Yontoo.1 plugin can display ads on any site by showing it in action on Apple’s own website.
Many Mac owners still believe that OS X is immune to viruses and trojans. While it’s true the platform is well protected, a large part of the relative immunity enjoyed by Mac owners has simply been down to blackhat economics: when there were many more Windows machines around than Macs, it was less worthwhile for attackers to target Macs. As the popularity of Macs has grown, however, the platform has made an increasingly attractive target.
The trojan cannot install itself and instead relies on tricking users into downloading and installing it.
Once installed, the plugin sends details of the webpages you visit back to a server controlled by the bad guys and uses that info to insert relevant ads. The Apple example above shows just how slickly this can be done. On a less-familiar site, a visitor could easily see the ad as part of the site.