While there aren’t many Mac viruses or trojans out there, unfortunately the increasing popularity of the Mac platform makes us more desirable targets than ever before. There’s hardly a need to panic or race out and buy anti-virus software, but there are some things to be aware of as you surf the web.
Just this week the Russian anti-virus company Doctor Web released word of “Yontoo” a new trojan that’s infecting OS X users. In the scheme of things, so far it’s proving to be relatively harmless, as it’s not deleting your data or transmitting your banking info. However, it is transmitting your browser history of what sites you visit, as well as inserting rogue advertisements into the websites you visit. Ominously, the modular nature of the trojan allows it to be swapped out for other more nefarious purposes, so it’s still best to be avoided.
If there is a good thing about Yontoo, it’s that as a trojan it’s entirely avoidable if you simply exercise smart web practices. Unlike viruses, which infect computer to computer invisibly, trojans essentially work by tricking users into installing them. By masking the trojans as “necessary” video plug-ins, download accelerators and the like, users are prompted to install these plugins to view movie trailers, web videos, etc. Sometimes the named plug-ins are actually legitimate plug-ins, but they’re not what’s truly being installed.
So what do you do? Only download plug-ins from prominent websites that you trust. If you’re visiting an obscure website that plays Norwegian fishing videos, and get a message that you need to download Flash to view the video you’re trying to see, there’s no need to take the risk by downloading it from the link provided, just go to Adobe’s site and download Flash. It’s an extra step, but often it takes extra steps to be safe.
Nobody has apparently released a tool to remove Yontoo yet, but it’s safe to assume Apple’s next security update will both remove the Yontoo trojan, as well as prevent users from inadvertently installing it.