On Thu, Oct 19, 2023 at 05:43:00PM +0100, Peter wrote:
phishbank.ajy JSI:trojan.cryos.3892
This last had three copies installed, the first only one.
I can't find either of these specifically named online, but a couple of very closely named items are in the class of the scam code inserted into websites to try and mislead a user into clicking a redirect to another site or a popup of the type "you have a virus click here to remove it".
Have you ever saved or copied a browser cache onto this stick? It's worth noting that very often this class of malware is not identified correctly.
I had a time somewhat recently that a free software library in use by a dev team was flagged by the anti-malware as being "malicious code" and it was quarantined. After some investigation what the code did was when the library was built if it detected a Russian locale on the computer it would pop up a message telling you to not support Russia in the war against Ukraine for example.
Adam --