Macs can catch viruses too!

I must say that, until recently, I didn't have any anti-virus products on the Macs that I use for my work.  I am very careful about what sites I visit and what I click on if ads pop up.  So I have never had any problems.

However, my recent visits to two clients have caused me to re-think my unprotected status, and I have now download a free virus scanning tool and run regular checks of my Mac.

Two iTandCoffee clients with Adware Trojans on their Macs in one week!

The first iTandCoffee client had a problem with Safari on her Mac.  

When she visited the Webjet website and tried to book flights, her Webjet session seemed to be 'hijacked' and all sorts of advertisements would pop up on the screen, making it impossible to search for her flights.

Yontoo Adware Trojan causes strange Safari behaviour

Well, in this case the problem was that her computer had been infected with a Malware product known as Yontoo - in this case, most likely introduced by kids accessing illegal download sites.  

The below information about Yontoo is extracted from an article on the cnet website ...

Security company Dr. Web is reporting on a new adware Trojan attack that is targeting Mac users, where malicious Web sites will trick users into installing a plugin that will track your browsing and display ads to you. 
The malware, called "Yontoo," will be first encountered as a media player, download manager, or other plug-in requirement for viewing contents on some maliciously crafted Web sites disguised as sources for file sharing and movie trailers. When the plug-in prompt is clicked, you're redirected to a site that downloads the Trojan installer and requires you to run it. The installer is for a fake program called "Twit Tube," that when installed will place a Web plug-in or extension called "Yontoo" that will run in popular browsers like Safari, Chrome, and Firefox.

When the malware is running, affected systems will be actively tracked for browsing behaviors, and legitimate Web sites will be hijacked with ad banners and other content that attempts to lure you into clicking it.
The malware appears to be an ad-revenue attempt by the criminals behind it.

If you have noticed similar strange behaviour in Safari (or any other web browser on your Mac), you too may have this Adware Trojan on your Mac.  Check out this cnet article for details of what to do to remove the Yontoo trojan.

Genieo Adware Trojan replaces Google as search engine

A visit to a second client in the same week involved uninstalling a similar, but less obvious, Adware product that had installed itself on that client's computer.

This particular one was Genieo, which was causing every search that the client did using her Mac's Safari search bar to return results using something called Genieo - even though she had specified in her Safari Preferences that she wanted to use Google. 

This was another case where a unwanted product - similar to Yontoo - had installed itself as part of the download of another legitimate product. 

If you notice similar behaviour on your own Mac, check out this article for information about Genieo and how it appeared on your Mac, and of how to remove this Adware product.

Products for detecting and removing malware from your Mac

For an article that looks at various options for anti-malware products for Mac (many of which are free), check out the below article scooped on the iTandCoffee Scoop.it page recently.

Tests compare Mac OS X anti-malware products | ZDNet

Need Help?

Contact iTandCoffee if you need help with getting rid of malware or installing an anti-malware product on your Mac  - call n1300 885 420 or email [email protected].