The Microsoft disinfected its online store after cleaning the platform by 8 applications. These were the malicious apps that triggered fraudulant crypto jacking.
The team at Symantic notified the firm of the existence of the free apps that were using user’s CPU power to mine Monero (XMR). Symantic notified Microsoft of the malicious apps on the 17th of January. Symantic summed up how the apps managed to access machines to mine Monero.
The mining script then gets activated and begins using the majority of the computer’s CPU cycles to mine Monero for the operators. Although these apps appear to provide privacy policies, there is no mention of coin mining on their descriptions on the app store.
The removal of the apps was confirmed via a blog post earlier today that stated the following:
On January 17, [Symantic] discovered several potentially unwanted applications (PUAs) on the Microsoft Store that surreptitiously use the victim’s CPU power to mine cryptocurrency. We reported these apps to Microsoft and they subsequently removed them from their store.
The blog post went on to explain that the apps included those for computer and battery optimization tutorial, internet search, web browsers, and video viewing and download. All the 8 apps came from three developers: DigiDream, 1clean, and Findoo. Symantic went on to postulate that the three developers are probably linked to the same person/group. The apps were published between April and December 2018.
The eight apps included:
Even a short span of life at play store, or online store an application can contract many users. Few of the above apps supposedly got around 1900 ratings, making them a trusted download.