The Hacker News
Russian anti-virus company Doctor Web reports that a new Mac OS X adware Trojan spreading itself via crafted movie trailer pages that prompt users to install a browser plugin. Basically, an adware is any software package which automatically renders advertisements in order to generate revenue for its author.


Dubbed as 'Trojan.Yontoo.1', Attackers have provided a number of alternative ways to spread the threat. The Trojan can also be downloaded as a media player, a video quality enhancement program or a download accelerator.

When victim visits the site, the dialogue only imitates the traditional plate and specially designed by hackers to enter a potential victim of misleading. After pressing the «Install the plug-in» victim is redirected to the site to download malware.

When launched, Trojan.Yontoo.1 displays a dialogue window that asks the user if they want to install Free Twit Tube. after the user presses 'Continue', instead of the promised program, the Trojan downloads.
The Hacker News

While a user surfs the web, the plugin transmits information about the loaded pages to a remote server. In return, it gets a file that enables the Trojan to embed third-party code into pages visited by the user. This is how an page is displayed on an infected machine.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.