The official Microsoft Store for Windows 11 and Windows 10 is hosting a backdoor “Electron Bot” malware that is known for taking over users’ social media accounts. Security researchers say the malware is currently hidden within apps that mimic popular games like Subway Surfer and Temple Run.
It is worth noting the official games are not infected, but rather apps that clone these popular titles. Check Point Research (CPR) reported on the issue, calling the backdoor “Electron Bot”. According to the security firm, the malware allows attackers to take total control over a PC.
Once inside, it can conduct remote execution attacks, allow threat actors to create new accounts, and take control of social media accounts.
The attack has already been success, taking more than 5,000 victims across 20 countries. Furthermore, it remains ongoing so more users are at risk. CPR points out the Microsoft Store has become the main delivery platform for the attack, with dozens of mimic apps on the platform.
Speaking to Threatpost about the attack, Microsoft says “We are investigating this issue and will take appropriate action to protect customers.”
CPR describes the new Electron Bot as “a modular SEO-poisoning malware” used “for social-media promotion and click fraud.”
Attacks
The former of those attacks sees the threat actor publish malicious websites that manipulate search engines into placing the site at the top of search rankings. Knowns as SEO poisoning, the malware can be used by websites to falsely boost their position on platforms like Google and Bing.
Another ability of Electron Bot is to offer ad-clicking services. This means constantly clicking remote websites to generate fake clicks on their ads and boost pay-per-click (PPC) revenue.
CPR points out the bot is effective because it can “imitate human browsing behavior and evade website protections.”
One of the interesting things is the bot has seemingly been working behind the scenes since at least 2018. As Microsoft is currently promoting a new Store for Window 11, these are the sort of security concerns the company could do without.
Tip of the day: Tired of Windows´s default notification and other system sounds? In our tutorial we show you how to change windows sounds or turn off system sounds entirely.
