Ikasutmi

The Ikasutmi browser extension from Climbingsu[.]com may be promoted to users the same way as the 'Weightlifting Male Deadlift Standards' extension from Chrome-38[.]site —aggressive pop-up windows and full-screen pages. The Ikasutmi is one of the hundreds of browser extensions that began to flood the Internet in February 2017. Extensions like Ikasutmi feature bizarre names and are promoted on sites with random names, which often feature extensions like BIZZ, CLUB, BID, ONLINE, WORLD, TOP, WIN, PRO and SITE. The Ikasutmi browser extension is identified as part of the 'Add Extension to Leave' campaign, which aims to distribute adware-powered browser extensions to users and claim ad revenue from platforms like Google AdWords and Yahoo Ads. Reports from users showed that the Ikasutmi app might be promoted via pages that are rendered in full-screen mode when a visitor loads the page.

First, the user is shown a dialog box titled 'Are you sure to leave this site?' that says 'Changes you made may not be saved.,' which has two buttons—'Leave' and 'Stay.' Clicking either of the buttons would load Climbingsu[.]com in full screen and present the user with a screenshot of Google.com/chrome/browser/desktop/, which is the official site for Google Chrome. Additionally, the full-screen page would invite the user to add the Ikasutmi browser extension and leave the page after doing so. Web surfers that stumble upon Climbingsu[.]com may have a hard time leaving the page without adding the extension due to scripts on the page that are designed to cause errors and keep your browser focused on Climbingsu[.]com. You may need to terminate the browser's process via the Task Manager to continue surfing the Internet comfortably. Computer security researchers classify the Ikasutmi extension from Climbingsu[.]com as a browser hijacker, which may redirect the user to Supesearches.com/ikus.html?q= and then to Nova.rambler.ru when the Omnibox (equivalent to the search bar in Firefox) is used. It is recommended to remove the Ikasutmi browser extension from Climbingsu[.]com with help from a trustworthy anti-malware tool. Researchers have found that the Ikasumi app has clones hosted on the following sites:

• "3D Triforce" Extension by Pro.3dtriforce[.]top
• "Chat Noir" Extension by Pro.chatxnoir[.]top
• "Chrome Notes" Extension by Chromenotes[.]info
• "Coefficient of Variation" Extension by Pro.variation[.]top
• "Cyra devtools" Extension by Asusfix[.]win
• "Dentesk" Extension by Teskden[.]pro
• "MenaCel" Extension by Acmenel[.]pro
• "Picture Gallery Plus" Extension by Ponteron[.]club
• "Pixel Sorter" Extension by Pro.pixelsorter[.]top
• "Player X" Extension by Teskden[.]pro
• "The Coupon – Store" Extension by Thecouponstore[.]co
• "The Wild Honey Pie" Extension by Dago[.]stream
• "Tiny Mix Tapes" Extension by Siva[.]stream
• "Uis Speedometer" Extension By Pro.speedometerx[.]top
• "Vannevar" Extension by Asusfix[.]win