

New OS X trojan injects ads into pages in Chrome, Firefox, and Safari - recoiledsnake
http://thenextweb.com/insider/2013/03/21/new-os-x-trojan-injects-ads-into-pages-browsed-by-chrome-firefox-and-safari-even-targets-apples-website/

======
weirdcat
I'd love to see a program that blocks any new installs until approved by a
"family geek". When your mother clicks that _INSTALL NEW TOOLBAR!_ link, it
emails you with details on the software to be installed, and only after you
approve it, your mom is able to proceed with the installation.

~~~
Samuel_Michon
You can set the security preferences in OS X to only allow installation of Mac
App Store applications. That minimizes risk greatly.

<http://support.apple.com/kb/ht5290>

~~~
dmix
Only about 20% of the apps I use I've ever downloaded on Mac app store. But I
imagine for some non-tech savvy users this could work.

------
mrcharles
I would love to see stats on how many infections happen per platform based on
this virus, since it's on both Windows and OS X.

I would expect to see a higher penetration on Macs, since I assume people
using Macs don't have the higher level of paranoia that has been engendered in
Windows.

~~~
X-Istence
I don't think any of this has to do with higher level of paranoia. The same
reason Windows machines are vulnerable to social engineering attacks are the
same reason OS X is vulnerable to it.

\---

Hey, I want to watch this video/movie/clip/trailer but I need to download and
install this tool first, alright, click click click, hey, my trailer didn't
show up. On to the next website I go.

\---

There is no good way to stop crap like this either, the user is willingly
installing it themselves, people hate the walled garden that iOS has become,
and that OS X is becoming with the App Store, yet that is one of the ways that
the OS can be secured. You have people up in arms about it being closed off or
being inaccessible because of these new restrictions, but at the same time
people want to be able to install whatever they want.

Whitelisting is the only real secure way to make sure that the wrong app
doesn't run. Blacklisting means you are always chasing the ball and the
target.

~~~
Samuel_Michon
_"people hate the walled garden that iOS has become, and that OS X is becoming
with the App Store [...] You have people up in arms about it being closed off
or being inaccessible"_

'People' say a lot of things. I've personally never heard a non-geek complain
about Apple's 'walled garden'. Mac and iOS device sales are higher than ever.

------
scrrr
Can't the benefactor of this malware not be traced back using the ad-codes he
spreads rather easily?

------
JagMicker
Will people ever learn to not install random codec packages? KaZaA / K-Lite,
anyone?

~~~
Lightning
Those were the dark days. Then VLC showed up.

------
geocarncross
I've seen Yontoo for a while now(aka PageRage aka Sambreel), and they're not
the only one doing this.

It's trivial for publishers to detect Yontoo's technology, and alert people
when it's happening. Something as simple as:

    
    
        try{if(new ActiveXObject("YontooIEClient.Api"))found=!0;}catch(e){};
        try{found=!!localStorage['y2LocXML'+location.pathname];}catch(e){};

------
gailees
I actually had this happen on my windows laptop a few months ago. I initially
thought it was Facebook rolling out ridiculous ads haha

<https://news.ycombinator.com/item?id=4558985>

