Malware infiltrates Microsoft Store via clones of popular games
2022-02-24 14:34

Malware named Electron Bot has found its way into Microsoft's official store through clones of popular games such as Subway Surfer and Temple Run, leading to the infection of roughly 5,000 computers in Sweden, Israel, Spain, and Bermuda.

The operation was first discovered at the end of 2018 when an early Electron Bot variant was submitted to the Microsoft Store as "Album by Google Photos," published by a spoofed Google LLC entity.

The malware authors have added several new features to their tool, along with advanced detection-evasion capabilities such as dynamic script loading.

The malware is written in Electron, hence the name, and it can emulate natural browsing behavior and perform actions as if it were a real website visitor.

The malware launches at the next system startup, connects to the C2, retrieves its configuration, and executes any commands in the pipeline.

Of course, the crooks constantly refresh their lures and use different game titles and apps to deliver the malware payloads to unsuspecting victims.


News URL

https://www.bleepingcomputer.com/news/security/malware-infiltrates-microsoft-store-via-clones-of-popular-games/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 381 51 1408 2904 175 4538