Friday, March 22, 2013
Dr. Web has found a new Trojan for Mac
While Dr. Web is the only company, which reported on the existence of the virus, so that the threat is likely not too common. However, its identification eloquently shows that contemporary Mac users are increasingly becoming the target of hackers.
Trojan.Yontoo.1 works simply. Users are invited to the program installer as a plugin for the browser. This usually happens when a person comes to specific Web sites that should show trailers for films. The installer may appear directly in the media player or in an accelerator downloads. The program asks the user if he wants to carry out installation Free Twit Tube. After that, the Trojan is downloaded from the network and is installed as a plugin on all browsers, including Safari, Firefox and Chrome.
Thence Yontoo will monitor your history visits, and communicate information about the pages to a remote server. After this program is specifically inserts ads on those pages that you visit, using a third-party code. Thus, attackers can cheat views and obtain the necessary clicks. The funny thing is that the "pirate" advertising is displayed even on the official website of Apple.
Such frauds are not uncommon in the Windows-ecosystem, but now they are becoming more common on Mac. Note that Yontoo not penetrate computers in some gaps in the protection of OS X. The program relies entirely on social engineering.