The Hacker News Logo
Subscribe to Newsletter

New Mac OS X adware Trojan spreading via browser plugin

Russian anti-virus company Doctor Web reports that a new Mac OS X adware Trojan spreading itself via crafted movie trailer pages that prompt users to install a browser plugin. Basically, an adware is any software package which automatically renders advertisements in order to generate revenue for its author.


Dubbed as 'Trojan.Yontoo.1', Attackers have provided a number of alternative ways to spread the threat. The Trojan can also be downloaded as a media player, a video quality enhancement program or a download accelerator.

When victim visits the site, the dialogue only imitates the traditional plate and specially designed by hackers to enter a potential victim of misleading. After pressing the «Install the plug-in» victim is redirected to the site to download malware.

When launched, Trojan.Yontoo.1 displays a dialogue window that asks the user if they want to install Free Twit Tube. after the user presses ‘Continue’, instead of the promised program, the Trojan downloads.

While a user surfs the web, the plugin transmits information about the loaded pages to a remote server. In return, it gets a file that enables the Trojan to embed third-party code into pages visited by the user. This is how an apple.com page is displayed on an infected machine.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.