Malware often spreads by concealing its malicious code inside genuine-looking products and Electron-bot is the latest to steal social media profiles…
Cybersecurity researchers from Check Point Research have found a new malware circulating around the web that is capable of taking over the victim’s social media accounts and using them for promotion and monetary gain. This one is posing as legitimate apps and games that are most listed on the Microsoft Store. (Two of which already identified as carrying the virus are Temple Run and Subway Surfer.)
New Electron-bot Malware Concealed Inside Microsoft Store Games and Apps
As usual in these types of malevolent campaigns, this one deploys files, executes scripts, with the goal of gaining persistence and avoiding detection (after it’s downloaded and installed). Once these steps are complete, the malware, dubbed “Electron-bot,” starts its actual work. This includes SEO poisoning (boosting search engine results for certain, malicious landing pages) and Ad Clicking (clicking ads on sites so that the seller of the ad space gets more revenue from the ad network).
Luckily, the nefarious code appears to be mostly present in Sweden, Bermuda, Israel, and Spain. However, security researchers have found victims in twenty countries. Where it’s active, Electron-bot essentially highjacks the victim’s social media profiles in order to do its dirty work. Of course, the victims are unaware of what’s actually happening.