Dig.coinup.org
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 12,282 |
Threat Level: | 50 % (Medium) |
Infected Computers: | 906 |
First Seen: | June 9, 2017 |
Last Seen: | September 20, 2023 |
OS(es) Affected: | Windows |
The Dig.coinup.org Web portal is presented to visitors as a search services provider that is tailored to French-speaking users. Also, the Dig.coinup.org site appears to copy the clean and streamlined interface of Google.com. You can see links to Gmail and the image filter on Dig.coinup.org that reminds of how the official Google homepage is presented. The Dig.coinup.org site even has a drawing on its front page made in the same style as the theme images loaded on Google. Additionally, Dig.coinup.org offers users to use their real Google ID to log in at Dig.coinup.org. We are disturbed by how Dig.coinup.org aims to fools users into thinking they have loaded a customized version of Google.com. PC security researchers have seen reports of a questionable browser extension associated with Dig.coinup.org that forces browsers into loading Dig.coinup.org as the default new tab and default search provider.
Analyzing the Internet profile of Dig.coinup.org showed that it is registered to the 18.216.98.141 IP address and it has two clones that can be loaded with the URLs www[.]surf-live[.]com and www[.]web-explore[.]com. Additionally, there are three Potentially Unwanted Programs (PUPs) that may change the browser settings to Dig.coinup.org, which includes WallpaperAnimeInstaller, WallpaperHdInstaller and WallpaperSuiteInstaller. The Dig.coinup.org portal along with its clones might offer search results and redirect Web surfers to resources on Maps.google.com. However, Dig.coinup.org is a blatant imitation of the legitimate Google portal, and that should not be taken as a sign of a partnership with the Internet giant. Dig.coinup.org lacks HTTPS support and appears to be linked to questionable applications. It is recommended to avoid Dig.coinup.org and use a credible security product that can eliminate the unwanted apps associated with the Dig.coinup.org portal. AV engines are known to generate alerts when loading resources from the 18.216.98.141 IP address and users may be shown the following detection names:
- Genvariant.Symmi
- PUP/Generic
- Suspicious_GEN.F47V1022
- Trojan.Win32.Heri
- W32.Adware.Gen
- generic.ml
URLs
Dig.coinup.org may call the following URLs:
dig.coinup.org |
https://www.web-explore.com/ |