An updated version of the malicious bootloader codenamed IceXLoader is believed to have compromised thousands of personal and corporate Windows computers worldwide.

Ice Loader It is a common malware that sells for $118 for a lifetime license on underground forums. It is mainly used to download and run additional malware on already compromised hosts. In June of this year, Fortinet’s FortiGuard Labs team said they discovered a version of a Trojan horse written in the Nim programming language to evade analysis and detection.

“While the version (v3.0) discovered in June seems unfinished, we recently discovered a new v3.3.3 bootloader that appears to be fully functional and includes a multi-stage distribution chain,” the cybersecurity expert said.

This is stated in a report released Tuesday by a Minerva Labs researcher. IceXLoader is traditionally distributed through phishing campaigns, where emails containing ZIP archives are the trigger for the distribution of the malware.