New OS X Trojan Adware Injects Ads Into Chrome, Firefox, Safari

An anonymous reader writes "A new trojan specifically for Macs has been discovered that installs an adware plugin. The malware attempts to monetize its attack by injecting ads into Chrome, Firefox, and Safari (the most popular browsers on Apple's desktop platform) in the hopes that users will generate money for its creators by viewing (and maybe even clicking) them. The threat, detected as "Trojan.Yontoo.1" by Russian security firm Doctor Web, is part of a wider scheme of adware for OS X that has "been increasing in number since the beginning of 2013," according to the company."

Clarification

[schneidafunk]

Can someone explain to me why advertisers would want to pay for bogus clicks? How does this money get laundered to hide the trojan creator and also defraud the advertiser?

I'll worry when it can spread without an installer

[Kenja]

Basically, this requires you to download and execute an installer, then click through it (including entering the administrator password). At that point, you could have installed something far worse then adware.

Re:I'll worry when it can spread without an instal

[h4rr4r]

THIS!

The user is a flaw every OS has.

Re:I'll worry when it can spread without an instal

[h4rr4r]

Not at all.

Blame the buggy OS is when you get a nice drive by install or virus. Adware that requires a user to install is always the users fault.

Re:I'll worry when it can spread without an instal

[amicusNYCL]

Unlike in Windows, where you simply have to view an advert in Internet Explorer and your system is infected...

IE itself is exploited no more than 10% of the time to infect a Windows computer. Windows gets drive-by infections these days from exploits in Java, Acrobat, and Flash, which are not unique to Windows. There's no reason for attackers to focus on a single browser any more when they can instead target a plugin like Java that works across all browsers.