IceXLoader, as explained by The Hacker News, is a basic piece of malware sold on underground forums on the Dark Web. It sells for $118 and is commonly distributed through phishing campaigns. In this case, according to the security company that discovered the Trojan, it has been distributed in emails containing ZIP files that are used to deploy the malware on the target computer.
The ZIP file downloaded by victims contained an .exe executable that automatically downloads an image that allows infection with IceXLoader. Additionally, the malware creates a .bat file that disables Windows Defender's real-time protection and adds exclusions to avoid being detected.
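One way to check a Windows machine for the Defender tampering described above (real-time protection switched off, exclusions added). This is an added example, not code from the original article or from the researchers it cites; the 7-day look-back window is an assumption.

```powershell
# Added example: audit Microsoft Defender for disabled real-time protection
# and for exclusions. Run in an elevated PowerShell session; without admin
# rights Defender hides the exclusion values.
# Assumption: a 7-day look-back window; adjust it to your case.
$lookBackDays = 7

$status = Get-MpComputerStatus
$pref   = Get-MpPreference

$findings = [System.Collections.Generic.List[string]]::new()

if (-not $status.AntivirusEnabled)          { $findings.Add('Defender antivirus engine is not enabled') }
if (-not $status.RealTimeProtectionEnabled) { $findings.Add('Real-time protection is OFF') }
if ($pref.DisableRealtimeMonitoring)        { $findings.Add('Preference DisableRealtimeMonitoring is set') }

# Every exclusion should be one you recognise, so list them all for review.
$exclusions = [ordered]@{
    Path      = $pref.ExclusionPath
    Extension = $pref.ExclusionExtension
    Process   = $pref.ExclusionProcess
}
foreach ($kind in $exclusions.Keys) {
    foreach ($item in @($exclusions[$kind])) {
        if ($item) { $findings.Add("Exclusion ($kind): $item") }
    }
}

# Defender operational log: 5001 = real-time protection disabled,
# 5007 = antimalware configuration changed (this includes exclusion edits).
$filter = @{
    LogName   = 'Microsoft-Windows-Windows Defender/Operational'
    Id        = 5001, 5007
    StartTime = (Get-Date).AddDays(-$lookBackDays)
}
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
foreach ($e in $events) {
    $firstLine = ($e.Message -split "`r?`n")[0]
    $findings.Add(("{0:u} event {1}: {2}" -f $e.TimeCreated, $e.Id, $firstLine))
}

if ($findings.Count -eq 0) {
    'No signs of Defender tampering found.'
} else {
    $findings
}
```

Event 5007 is also logged for legitimate configuration changes, so treat each line as something to review, not as proof of infection.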
How to avoid this type of virus
There is no foolproof trick to avoid being infected by this type of malware, or by any other. But there is a series of tips we can follow to keep our computer from being repeatedly infected…
The first thing we need to do is check that we have an antivirus activated on our computer. There are many antivirus programs available, but the one that Windows installs by default is enough to be protected in almost all cases. As we have seen, in this case it would not protect us, but other practices would… What is needed is common sense and care on a day-to-day basis to avoid falling into this type of trap and being infected with malware.
Beyond specific software, we must be careful when visiting websites, downloading attachments from senders we do not know, downloading programs or applications from unknown websites, and clicking on links that we receive through emails or social networks… IceXLoader, as we have explained, usually arrives in ZIP files attached to emails, so protecting ourselves from it is quite simple: don’t open anything whose sender you don’t know, and when in doubt, delete it permanently.
Furthermore, it is essential to always keep all installed programs and your operating system up to date, because that will protect you when a bug is found and fixed in a later update.