Ivan Kostin is a brand of publishers/developers run by WebPick Internet Holdings Ltd. located in Ramat Ha'Chayal Tel Aviv, Israel. The company is a primary distributor of unwanted software. Ivan Kostin is a developer of WebPick Internet Holdings and publishes a number of adware web browser plugins designed to monitor web browser behavior and inject advertisements (banner, popups, text-links, etc.) in the browser by using the WebPick InstalleRex monetization delivery platform. These programs from Ivan Kostin are typiclaly installed on a variety of names and misspellings and are very difficult to remove. According to WebPick, they use developers to sign their adware in order to "throw off competitors".
COMODO CA Limited
8/25/2013 2:00:00 AM
8/26/2014 1:59:59 AM
CN=Ivan Kostin, O=Ivan Kostin, STREET=Pobedy 33/1, L=Kyiv, S=Kyiv, PostalCode=03170, C=UA
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Detections (100% detected)
PUP.WebPick.IvanKostin.Installer (M), Adware.WebPick.Installer (M)
PUP.InstallRex, PUA.TDownloader, PUA.InstallRex
PUA.InstalleRex, PUA.Downloader, Trojan.AntiFW, Adware.Generic, PUA.AdLoad
Win32/InstalleRex.M potentially unwanted application, Win32/InstalleRex.L potentially unwanted application
Threat.4150696, Threat.4753027, Trojan.Win32.Generic, Installerex/WebPick, Threat.14871
Adware.Downware.1541, Adware.Downware.1719, Trojan.WebPick.4
Win32:InstalleRex-AI [PUP], Win32:InstallMonstr-DE [PUP], Win32:InstalleRex-DT [PUP], Win32:InstalleRex-AH [PUP]
Win.Trojan.Installerex-53, Win.Trojan.Installerex-17, Win.Trojan.Installerex-25, Win.Trojan.Installerex-108, Win.Adware.Installrex-1
Downloads URLs for files signed by Ivan Kostin.
The following publishers (by Authenticode signature organization name) are related.
* Note, the details and description above are based on the code signing digital signature issued to Ivan Kostin by COMODO CA Limited on August 25, 2013 with the serial number '00eb11d24ce6ddbbf752fe4dc3d683d2bf'.