A malicious website has been discovered that mirrors Symantec blog content, attempting to spread OSX.proton malware by tricking readers into clicking on infected pages.
The website, located at symantecblog[dot]com, points readers to fake security software described as the “Symantec Malware Detector” that claims to detect and remove infections caused by a new variant of the CoinThief malware.
Users who click on the link download OSX.Proton, which is a Trojan horse that opens a backdoor, steals information, and downloads potentially malicious files onto the user’s computer.
Symantec’s legal and brand protection team is aware of the situation and working toward a resolution. Symantec has added detections for OSX.Proton to Norton and Symantec products.
Information on OSX.Proton : Click here to learn more.