ICLoader malware

ICLoader is a Potentially Unwanted Application (PUA) software downloader. Like most PUA software, ICLoader downloads adware and other unwanted software. It also downloads various botnet malware, cryptocurrency miners and GandCrab ransomware.

Threat ID:: CC-2190
Category:
Threat Severity:: Low
Threat Vector:
Published:: 28 March 2018 12:00 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk

Summary

Affected platforms

The following platforms are known to be affected:

Microsoft Windows

Microsoft Windows – all versions

Threat details

There are three major methods to distributing ICLoader. The first method involves using pop-up adverts on free file sharing service websites. The second distribution method uses fake software sharing websites. The third method uses fake torrent sharing websites (which imitate real torrent sharing sites) to distribute ICLoader.

Remediation steps

Type	Step
	Don’t allow users to install third-party applications which haven’t been approved. Make sure that cyber-awareness training is kept up-to-date. Make sure that users can only operate using the lowest privileges required for their role. Make sure that malware definitions are kept up-to-date.

Last edited: 20 December 2021 6:08 pm