Yontoo adware targets Mac, Windows users

By

Victims sprayed with dodgy ads.

Mac and Windows users are being infected with an adware trojan embedded within movie trailers.

Yontoo adware targets Mac, Windows users

The Yontoo trojan was delivered through fake plug-ins ostensibly required to watch movie trailers.

Once installed, it embeds ads on sites visited by compromised users, Russian anti-virus company Dr. Web said.

The criminals behind the scheme then profit from the ads through pay-per-click programs run by online affiliate advertisers.

In addition to spurious add-ons, the trojan is also disguised as media player downloads and other software for enhancing video quality or shortening download times, Dr Web found.

The Yontoo trojan installs itself on Safari, Chrome and Firefox browsers, popular among Mac users, and transmits data about user browsing sessions to a remote server. Yontoo then embeds code into visited sites, so the infected user sees ads.

The firm said the scam illustrates how “interest in users of Apple-compatible computers grows day by day,” among criminals.

Maxim Weinstein, executive director of StopBadware, a nonprofit that focuses on preventing mischievous web activity, like adware, told SCMagazine.com on Thursday that the pay-per-click model is a favorite among fraudsters.

“They could be making the money just from advertisement [clicks],” Weinstein said of Yontoo scammers. “But you certainly get nervous. If they are willing to use malware to get the ads on your computer, who knows what else they are willing to do for money.”

A representative from Dr. Web could not be reached for comment. 

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

Log In

  |  Forgot your password?