Adware attacks against OS X are on the rise this year, says a report by anti-virus company Doctor Web. The Russian firm recently discovered another threat, Trojan.Yontoo.1, which has quickly become the most prominent adware trojan attacking Apple desktops and laptops.
The trojan worms its way onto your computer through websites that require you to install a plugin to view the content of the site. The most common vector are movie trailer websites that prompt you to install an HD Video player or similar plugin. Instead of a media plugin, unsuspecting users will download the trojan.
Trojan.Yontoo.1 then prompts you to install Twit Tube, which is a front for the Yontoo plugin. This plugin is installed as an extension for Firefox, Chrome and Safari browsers. It tracks your browsing and serves up ads on all the websites that you visit. The above image from Doctor Web shows how Apple.com would look when the adware plugin injects its ad into your browser.
The best way to avoid this type of infection is to install only known and trusted plugins from reputable sites. If you are not familiar with the plugin, take a few minutes to do a Google search and see what other people have to say about the extension you are prompted to install. If you can’t find any details on the plugin, it is best to just avoid it.