IE 11 is not supported. For an optimal experience visit our site on another browser.

Yontoo Trojan tries to lure Mac users with movie trailers

NBC News Clone summarizes the latest on: Yontoo Trojan Tries Lure Mac Users Movie Trailers Flna1C8995971 - Technology and Innovation | NBC News Clone. This article is rewritten and presented in a simplified tone for a better reader experience.

Trojan.Yontoo.1
Dr. Web
By Suzanne Choney
Downloading a plug-in to see a movie trailer is one of the ways the Yontoo Trojan gets onto a computer.
Downloading a plug-in to see a movie trailer is one of the ways the Yontoo Trojan gets onto a computer.Dr. Web

Trojan.Yontoo.1 is a nasty bit of software. Already known to security researchers, it has begun sneaking onto computers running OS X by installing an adware plugin via the Chrome, Firefox and Safari Web browsers.

The toxic plugin brings additional ads to the user, part of a money-making scheme if you click on them — but more importantly gives outsiders access to track your Web surfing.

Russian security firm Dr. Web reported the problem, noting that "adware for Mac OS X has been increasing in number since the beginning of 2013. Trojan.Yontoo.1 is the most prominent of them: It can download and install an adware browser plugin in an infected system."

Symantec, too, has taken note of the Trojan for Windows users, where it installs a Web browser extension that displays ads that "appear to be from Facebook."

NBC News asked Apple about Trojan.Yontoo.1, but the company declined to comment.

Dr. Web says there are "several ways" for the Trojan to get onto a computer. Among them are movie trailer pages that ask users to install a browser plugin. In fact, "the prompt only imitates a common dialogue displayed when a plugin needs to be installed or additional configuration is necessary. After clicking on 'Install the plug-in,' the user is redirected to another site from which Trojan.Yontoo.1 is downloaded."

Trojan.Yontoo.1 can also be downloaded as a media player, video quality "enhancement program" or a download accelerator, the firm says.

Dialog window asking users if they want to install Free Twit Tube.
Dialog window asking users if they want to install Free Twit Tube.Dr. Web

When the Trojan is launched, it shows a dialog window that asks the user if they want to install something called "Free Twit Tube." If the user selects "continue," that's when the Trojan downloads and installs Yontoo in the browser. "While a user surfs the Web, the plugin transmits information about the loaded pages to a remote server," Dr. Web says.

"In return, it gets a file that enables the Trojan to embed third-party code into pages visited by the user," Dr. Web says.

The best thing to do, of course, is make sure your security software is up-to-date. And beware of "free" offerings and "click here" schemes. They generally lead to nothing good, and sometimes, to things that are very bad. Also, if your computer asks your permission to install something called "Free Twit Tube" — just say no!

Check out Technology, GadgetBox, TODAY Tech and In-Game on Facebook, and on Twitter, follow Suzanne Choney.

Suzanne Choney

Want more summaries like this? Follow NBC News Clone for expertly filtered news from trusted sources.

×
AdBlock Detected!
Please disable it to support our content.

Related Articles

Donald Trump Presidency Updates - Politics and Government | NBC News Clone | Inflation Rates 2025 Analysis - Business and Economy | NBC News Clone | Latest Vaccine Developments - Health and Medicine | NBC News Clone | Ukraine Russia Conflict Updates - World News | NBC News Clone | Openai Chatgpt News - Technology and Innovation | NBC News Clone | 2024 Paris Games Highlights - Sports and Recreation | NBC News Clone | Extreme Weather Events - Weather and Climate | NBC News Clone | Hollywood Updates - Entertainment and Celebrity | NBC News Clone | Government Transparency - Investigations and Analysis | NBC News Clone | Community Stories - Local News and Communities | NBC News Clone