Author Archives: destroyadware

Understanding and Removing Soap2Day Adware

Soap2Day is a notorious website known for offering free, illegal access to movies and TV shows. Although it is not a virus itself, it poses significant risks to users’ cybersecurity. The site is known to push Potentially Unwanted Programs (PUPs) to its users, leading to serious harm to their computers. Launched in 2018, Soap2Day operates as a media streaming platform that lets users stream content for free. This activity, however, is illegal, and the site is known to inject malicious advertisements into its content. These advertisements redirect users to dubious pages that aim to infect their systems with viruses, browser hijackers, and adware.

The Soap2Day platform is linked to various cases of virus infections. Users who choose to watch movies on this site expose themselves to a myriad of cyber threats. The most recent adware scheme from Soap2Day involves the distribution of an unwanted tool: a browser hijacker that has been discussed extensively on the Soap2Day Reddit. This PUP modifies browser settings and redirects users to a fake search engine every time they open their browsers, often without the user realizing it.


Pirated Games = Malware

Beware pirated video game downloads as they could be malware in disguise. According to a report by AhnLab Security Emergency Response Center (ASEC), a browser hijacking credential stealer called ChromeLoader has evolved and is now capable of stealing data, deploying ransomware, and more.

ChromeLoader first appeared in January of 2022 and saw a rise in deployments in May of last year; in September, VMware reported seeing new variants popping up. It is distributed via a variety of malvertising sites that host the malicious files, which appear to users as free pirated game downloads. Once downloaded, the malware appears as an install.lnk file, which executes a batch script that decompresses a .zip archive and then executes a data.ini file plus a couple of scripts that retrieve a payload.


SynAck Ransomware Demonstrates Significant Rise in Activity

SynAck is a ransomware virus. It was first detected by famous ransomware expert Michael Gillespie.

Within the last week, distribution efforts have intensified for a comparatively unexplored ransomware type called SynAck. This ransomware was initially found in early August, and ransomware gurus promptly confirmed they were observing a fresh kind of virus not related to any other ransomware family.
