That should be obvious from reading the linked article, and I think someone asking for the attack vector would know this as well. It is a valid question, we know that people are tricked into installing the trojan but every article about this so far has been light on details as to how they are tricked. A browser exploit, malicious software repository, no confirmation on anything so far.