New Yontoo Trojan Targets Major Browsers on Mac and Windows Computers

Russian security website Doctor Web has reported on a new trojan that is targeting both Windows and Mac users by silently installing a browser plug-in to inject ads into pages visited by users. It's called "Trojan.Yontoo.1", and is being distributed through movie trailer pages that prompt users to install a browser plug-in, a media player, a video quality enhancement program, or a download accelerator.

Apple'x OS X operating system has, until recently, been a relatively unpopular target for malware coders, however as the platform rises in popularity, that's beginning to change.

The Yontoo trojan cannot install itself, and instead relies on trickery to get users to download and install it. Mac users will see the usual installation screens, but then instead of loading the desired program, the trojan will install plug-ins for Safari, Chrome and Firefox. These plug-ins then transmit information about the loaded pages to a remote server while the user browses the web. With this information, it is able to load third-party ads on any website.

Symantec reports that a variant targeting Windows computers has also been seen, but in this case the trojan does not seem to affect Windows 8 and is centered around Facebook ads.

To avoid this type of trojan, never download software from untrusted sources and always download it from the developers themselves.