Security News > 2022 > February > Microsoft App Store Sizzling with New ‘Electron Bot’ Malware

As for its endgame, CPR researchers described the newly discovered and analyzed Electron Bot backdoor as "a modular SEO-poisoning malware" used "For social-media promotion and click fraud."

Electron Bot can also promote online products: another way to generate PPC revenue or increase a store's rating for higher sales.

Researchers said that the first hint of the attackers having trespassed into Microsoft's app store came at the end of 2018, when an ad-clicker campaign was discovered hiding in an app called "Album by Google Photos" - an app that its authors, audaciously enough, fraudulently pushed as being published by Google LLC. The malware has gotten bigger and brawnier over the years.

While the bot's current activities on infected machines aren't terribly high-risk, researchers noted, the malware could do far worse, given the Electron framework's granting of access to all computer resources, including GPU computing.

CPR used the popular Temple Endless Runner 2 game as an example of the games cloned by the Electron Bot attackers.

Electron Bot's successful incursion into Microsoft's official app store is just the latest glaring example of how people throw caution to the wind when they see a shiny new toy on the app stores, CPR researchers warned: "Given most people think that you can trust application store reviews, they do not hesitate to download an application from there."

News URL

https://threatpost.com/microsoft-app-store-electron-bot-malware/178629/