Popup - verified-apps.com
VirusTotal - https://www.virustotal.com/gui/file/ca98a8f7ad30fc78d26107b08e3cee663381533866a4d13075205adf63269c4a/detection
The program installs a variant of the Artemis trojan, which can hijack browsers, reduce your computer's security or even mine bitcoin. https://www.spywareremove.com/removeartemistrojan.html
whois output:
Domain Name: verified-apps.com
Registry Domain ID: 2566600301_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2020-10-18T07:08:19Z
Creation Date: 2020-10-18T09:08:18Z
Registrar Registration Expiration Date: 2021-10-18T09:08:18Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registrant Organization: Kanomi
Registrant State/Province: israel
Registrant Country: IL
Registrant Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=verified-apps.com
Tech Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=verified-apps.com
Admin Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=verified-apps.com
Name Server: NS41.DOMAINCONTROL.COM
Name Server: NS42.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
I’ve reported it to Google Safe Browsing, and GoDaddy.
Their website is hosted on an Amazon S3 bucket, so I'm getting in contact with AWS to get it taken down too.
Never mind, the website is hosted by GoDaddy to, the S3 bucket is owned by GoDaddy not them.