Security News > 2022 > February > Social Media Hijacking Malware Spreading Through Gaming Apps on Microsoft Store
A new malware capable of controlling social media accounts is being distributed through Microsoft's official app store in the form of trojanized gaming apps, infecting more than 5,000 Windows machines in Sweden, Bulgaria, Russia, Bermuda, and Spain.
Israeli cybersecurity company Check Point dubbed the malware "Electron Bot," in reference to a command-and-control domain used in recent campaigns.
"Electron Bot is a modular SEO poisoning malware, which is used for social media promotion and click fraud," Check Point's Moshe Marelus said in a report published this week.
In the years since, the malware is said to have undergone numerous iterations that equip the malware with new features and evasive capabilities.
The attack sequence gets triggered when users download one of the infected applications from the Microsoft store that, when launched, loads the game but also stealthily drops and installs the next stage dropper via JavaScript.
Along the way, there are steps to identify potential threat detection software from companies such as Kaspersky Lab, ESET, Norton Security, Webroot, Sophos, and F-Secure before the dropper proceeds to fetch the actual bot malware.
News URL
https://thehackernews.com/2022/02/social-media-hijacking-malware.html
Related news
- New Microsoft script updates Windows media with bootkit malware fixes (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- Microsoft says attackers use exposed ASP.NET keys to deploy malware (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)