S
sinu
Thread author
A new piece of adware that serves as an entry point for future trojan infections was discovered by Dr.Web security researchers.
This new malware was named Adware.Mac.WeDownload.1 because it was first spotted on the WeDownload.com domain, packed with a modified version of Adobe Flash Player.
As Dr.Web researchers found out, the package was signed with "Developer ID Application: Simon Max (GW6F4C87KX)" and was being actively distributed as part of one of those shady affiliate programs that reward developers based on the number of file downloads.
Taking a closer look at the file, researchers found out that, once double-clicked, the adware would first want administrator privileges on the infected machine, with the purpose of installing the Flash Player package.
This new malware was named Adware.Mac.WeDownload.1 because it was first spotted on the WeDownload.com domain, packed with a modified version of Adobe Flash Player.
As Dr.Web researchers found out, the package was signed with "Developer ID Application: Simon Max (GW6F4C87KX)" and was being actively distributed as part of one of those shady affiliate programs that reward developers based on the number of file downloads.
Taking a closer look at the file, researchers found out that, once double-clicked, the adware would first want administrator privileges on the infected machine, with the purpose of installing the Flash Player package.