New Trojan Targets Macs, Inserts Ads Into Webpages

Posted March 21, 2013 at 3:43pm by iClarified | Please help us and submit a translation by clicking here | 7581 views

Trojan.Yontoo.1, a trojan that targets Mac users, has been increasing in number since the beginning of the year, reports Dr. Web. The trojan inserts ads into webpages on the infected computer.

To spread the Trojan, criminals crafted movie trailer pages that prompt users to install a browser plugin. In fact, the prompt only imitates a common dialogue displayed when a plugin needs to be installed or additional configuration is necessary. After clicking on ‘Install the plug-in’, the user is redirected to another site from which Trojan.Yontoo.1 is downloaded.

While an infected user surfs the web, the plugin then transmits information about the loaded pages to a remote server. In return, it receives a file that can embed third-party code into the webpages. For example, you can see ads injected into an Apple webpage in the screenshot below...

Dr. Web says that its software detects the trojan as Adware.plugin.

Read More [via MacRumors]

Add Comment
JonaㅜㅐㅅN - March 25, 2013 at 1:03am
When trying to install the plugin, look at the installer name: FreeTwitTube. While this was a plugin allowing you to tweet on YouTube vids, this was trying to disguise itself as THAT plugin.
alain.j - March 22, 2013 at 9:26am
totally agree with Rod! i wouldn't even call this a trojan, i would call it a plugin that YOU manually install on YOUR mac, that connects to a server and shares information. Apple and anti-viruses shouldn't be worrying about people scrambling their macs on their own!!
Rod - March 21, 2013 at 6:30pm
Well, first of, thats clearly a fake install plugin, anybody that uses safari knows that, second, if you get infected by installing a trojan/virus on you computer, but downloading, installing (putting your password) and finishing the installation, then you shouldn't be allowed to have a computer. Anti-virus only protects users against virus/spywares/trojans, common sense protects humans from danger. Stupidity on the other hand...
Mirko Trojan - March 21, 2013 at 5:13pm
Hey! I am not targeting anyone ! :D
Wood1030 - March 21, 2013 at 4:26pm
I see that Safari browser is depicted in this story but, does it matter what browser is used to be vulnerable to this Trojan, or can we use anther to avoid said trojan?
3 More Comments
Follow iClarified
Facebook Updates 'Paper' App With Support for Larger iPhone 6 and iPhone 6 Plus
Apple to Require All New iOS Apps to be 64-Bit Starting February 1st
Apple has announced that it will require all ...
Early Benchmarks for the New 27-Inch Retina iMac [Chart]
Here are some early 64-bit benchmarks for the...
Tim Cook Congratulates Employees on Strong Quarter in Internal Memo
In a letter to employees, Apple CEO Tim Cook ...
NYTimes App Gets Handoff Support, Improvements to Saving Articles
The New York Times app has been updated with ...