Electron-bot malware has hit the Microsoft Store, claiming over 5 thousand victims. The malware is distributed via gaming apps on the official Microsoft Store and is able to control the social media accounts of its victims. Electron-bot has infected very popular apps like Temple Run and Subway Surfer, as detected by Check Point Research.
How Electron-bot malware works
Electron-bot recorded over 5,000 victims of attacks, as revealed by Check Point Research, the Threat Intelligence division of Check Point Software Technologies. The malware has well-defined capabilities such as SEO poisoning, a method by which cybercriminals create malicious websites and use search engine optimization tactics to rank them high in search engine results. Then there is Ad Clicker, a computer infection that runs in the background, connecting to websites to generate clicks. Electron-bot is also capable of promoting social media accounts to direct traffic to specific content and of promoting products online, generating profits from clicks on ads.
The malicious publishers identified are:
- Lupy games
- Crazy 4 games
- Jeuxjeuxkeux games
- Akshi games
- Goo Games
- Bizon case
The attack begins after the infected app is installed. At this point, the hacker downloads the files and executes the scripts. Gradually, the malware takes control of the system by executing various commands in the background. In most cases, the scripts are loaded at runtime from the attackers’ servers in order to avoid detection.
Daniel Alima, Malware Analyst at Check Point Research, states: “The Electron framework gives apps access to all computer resources, including GPU computing. Since the bot payload is automatically loaded every time it is run, hackers can modify the code and change its behavior. For example, they can initiate a second phase and release new malware such as ransomware or RAT. And all this can happen without the victim noticing.”