
Malicious Applications In Microsoft Store





Some Malicious Applications In Microsoft Store



Eight cryptojacking applications were found on the Microsoft Store; they abuse the victim's CPU cycles to mine Monero without the user's knowledge. Symantec detected the malicious applications on the Microsoft Store disguised as applications for computer and battery optimization tutorials, internet search, web browsers, and video viewing and download.

These malicious applications were listed among the top free applications on the Microsoft Store. As soon as the applications are downloaded and launched, they fetch the coin-mining JavaScript by triggering Google Tag Manager.

Malicious Application Names


1) Fast-Search Lite

2) Battery Optimizer

3) VPN Browser Plus

4) Downloader for YouTube Videos

5) Clean Master plus

6) FastTube 

7) Findoo Browser 2019

8) Findoo Mobile & Desktop Search


Google Tag Manager is a tool created by Google to track and analyze the HTML and JavaScript tags used on hosted websites.
Once activated, the mining scripts abuse the computer's CPU cycles to mine the Monero cryptocurrency for the attackers.

According to Symantec, the applications appear to have been published between April and December 2018, and the number of users infected remains unknown. Once an application is launched, it loads XMR Coinhive mining scripts through Google Tag Manager (GTM) from the attacker's domain servers. The Coinhive script is loaded from the remote location http://statdynamic[.]com/lib/crypta.js.
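A detection sketch for the behaviour described above, added here as an example and not taken from Symantec's report or the original post: it scans web-proxy log lines for requests to the script host named in the article and records whether the same client fetched a Google Tag Manager container shortly before. The log format, client names, container IDs and the 30-second window are assumptions.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Script host named in the article, kept defanged in source and refanged at runtime.
IOC_HOST = "statdynamic[.]com".replace("[.]", ".")
GTM_HOST = "www.googletagmanager.com"

# Constructed sample proxy log, "<ISO time> <client> <url>", oldest first.
# Client names and GTM container ids are placeholders, not values from the report.
SAMPLE_LOG = f"""\
2018-12-01T10:00:00 pc-17 https://{GTM_HOST}/gtm.js?id=GTM-PLACEHOLDER
2018-12-01T10:00:02 pc-17 http://{IOC_HOST}/lib/crypta.js
2018-12-01T10:05:00 pc-22 https://{GTM_HOST}/gtm.js?id=GTM-OTHER
2018-12-01T10:05:01 pc-22 https://example.org/app.js
2018-12-01T11:00:00 pc-30 http://{IOC_HOST}/lib/crypta.js
"""

def parse(line):
    """Split one log line into (time, client, host, url); None if malformed."""
    parts = line.split()
    if len(parts) != 3:
        return None
    try:
        when = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    host = (urlsplit(parts[2]).hostname or "").lower()
    return when, parts[1], host, parts[2]

def find_miner_loads(log_text, window=timedelta(seconds=30)):
    """Return one finding per request to the IoC host (or a subdomain of it),
    noting whether the same client loaded a GTM container within `window` before."""
    last_gtm = {}  # client -> time of its most recent GTM container fetch
    findings = []
    for when, client, host, url in filter(None, map(parse, log_text.splitlines())):
        if host == GTM_HOST:
            last_gtm[client] = when
        elif host == IOC_HOST or host.endswith("." + IOC_HOST):
            seen = last_gtm.get(client)
            via_gtm = seen is not None and timedelta(0) <= when - seen <= window
            findings.append({"client": client, "url": url, "via_gtm": via_gtm})
    return findings

if __name__ == "__main__":
    for finding in find_miner_loads(SAMPLE_LOG):
        print(finding)
```

A hit with `via_gtm` set matches the delivery chain described in the article; a hit without it still warrants a look at the client, since the GTM fetch may simply fall outside the window or the log.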

Based on a WHOIS search, all the applications appeared to be hosted at the same origin and published by the same developers under different usernames. The applications came from three developers: DigiDream, 1clean, and Findoo. Symantec informed Google and Microsoft about the apps' behavior, and the applications have been removed from the Microsoft Store and the JavaScript removed from Google Tag Manager.

1 comment:

  1. Really very happy to say that your post is very interesting. I never stop myself to say something about it. You did a great job. Keep it up.
    We have an excellent IT courses training institute in Hyderabad. We are offering a number of courses that are very trendy in the IT industry. For further information, please once go through our site. CEH Training In Hyderabad

