Moneycontrol PRO
Upcoming Event:Attend Algo Convention Live, 2 Days & 12+ Speakers at best offer Rs.999/-, exclusive for Moneycontrol Pro subscribers. Register now!
you are here: HomeNewsTechnology

Electron Bot, malware that can take control of social media accounts, is spreading through Microsoft Store

The Malware has already claimed more than 5000 victims, and masquerades as popular games such as Temple Run

February 25, 2022 / 11:14 AM IST
Illustration by Suneesh K.

Illustration by Suneesh K.

A new strain of malware called Electron Bot, has already infected more than 5,000 machines worldwide. Once it takes over a victim's system, it can control their social media accounts on services such as Facebook and SoundCloud.

It is capable of registering new accounts, log in with your credentials, share posts, and even comment on and like other posts.

Check Point Research, the research firm that discovered the malware, found it was being actively distributed through Microsoft's official app Store,   where it masquerades as popular games like Temple Run or Subway Surfer.

Also Read: Squid Game-themed apps pave way for hackers to snack on your data

Once downloaded on to a user's system, the malware begins a SEO poisoning routine, a method where threat actors create fake websites and use search engine optimisation tactics to rank them high in search results online.

Close

It also functions as an "ad-clicker" an automatic process where it will constantly generate clicks on remote websites to increase ad revenue. Since it can take control of social media accounts, it can promote fake apps and websites through them as well.

Check Point Research says that the bot can, "imitate human browsing behavior and evade website protections".

Also Read: Be wary of Flubot warnings on your Android phone

When an user launches an infected app, "a JavaScript dropper is loaded dynamically in the background from the attackers’ server," says Check Point's report.

“It then executes several actions including downloading and installing the malware and gaining persistency on the startup folder.”

Check Point Research has reported all its findings to Microsoft, who are investigating the issue.



Download your money calendar for 2022-23 here and keep your dates with your moneybox, investments, taxes

Moneycontrol News
first published: Feb 25, 2022 11:14 am
Sections
ISO 27001 - BSI Assurance Mark