Wednesday, March 20, 2013, 10:55 pm PT (01:55 am ET)
New adware trojan targets Mac Web browsers, nets criminals moneyA newly discovered trojan has been found to target OS X Web browsers like Safari, Chrome and Firefox, inserting adware onto an affected computer to net criminals profits from affiliate ad networks.
Apple.com as viewed by a Yontoo affected browser. | Source: Dr. Web
Russian anti-virus company Dr. Web, the same company that was first to discover the infamous Flashback malware in 2012, confirmed the existence of a new trojan called "Trojan.Yontoo.1," which downloads and installs an adware plugin on unsuspecting Mac user's machines.
As noted by The Next Web, the firm's analysts said Yontoo is being spread through nefarious movie trailer webpages that prompt Mac owners to install a browser plugin, media player, video quality enhancement program or download accelerator.
In one example, the installer asks if a user wants to download a program called "Free Twit Tube." When confirmed, the Yontoo plugin is installed for Safari, Chrome and Firefox, which then transmits browsing data to an off-site server. Information about the loaded pages is processed and the server sends back a file which embeds third-party code into webpages visited by the user.
Criminals gain profits from affiliate ad networks when users view or click through the embedded ads.
Dr. Web points out that a similar trojan method is being used to insert adware on Windows PCs.
On Topic: Mac OS X
- Apple releases Safari 7.1 and 6.2, OS X Server 3.2 betas to developers
- Apple updates pro-level video suite with fixes for Final Cut Pro X, Compressor and Motion
- Mailbox for Mac hits public beta, adds synced drafts and 'snooze to desktop' feature
- Rumor: Undisclosed security breach cause of Apple's new Gatekeeper app signing policy
- Apple releases OS X Yosemite Developer Preview 6, Xcode 6 beta 6