Apple blocks OS X “Yontoo” malware that injected ads into websites

Yesterday, we noted that a new “Yontoo” malware hit the web that could inject advertising into websites (including Apple’s own site).

Word surfaced of new malware targeting major browsers on the Mac platform with adware capable of injecting advertising into users' browsing experiences. The malware, known as "Yontoo", masquerades as a video plug-in or download accelerator in order to trick users into installing the package.

Today, Apple has blocked that malware by updating its anti-malware definition system.The change was first reported by Intego:

As noted by security firm Intego, Apple has already updated its "Xprotect" anti-malware system to recognize Yontoo and warn users who attempt to install it on their machines.

Apple routinely uses its Xprotect anti-malware tools introduced in OS X Snow Leopard to provide rudimentary protection against threats, and has expanded its efforts in OS X Mountain Lion with the introduction of Gatekeeper to allow users to restrict app installation to software from identified developers registered with Apple, or even to only apps installed through the Mac App Store.

Apple has also been using Xprotect to enforce minimum version requirements for plug-ins such as Java and Flash Player, forcing users to upgrade from earlier versions known to have significant security issues.

Reference: Apple blocks OS X “Yontoo” malware that injected ads into websites

Apple updates OS X anti-malware definitions to block "Yontoo" adware