- These apps secretly mined the open-source cryptocurrency Monero by exploiting users' devices.
- Upon being informed about the apps, Microsoft removed the malicious apps from the app store.
Recently, the Microsoft Store was found to host eight malicious apps that would steal cryptocurrency as well as use affected devices for crypto mining. Security firm Symantec discovered these cryptomining apps when analyzing the app store for vulnerabilities.
The apps, which were meant for functions such as browsing, downloading videos, and more, came from three developers, namely DigiDream, 1clean, and Findoo. It is suspected that these three developers are a single group or person.
All these apps were published in 2018. Moreover, they were listed on the top free app lists to lure users into downloading them. In its blog, Symantec explains the methodology of these apps.
Exploiting GTM for cryptomining
Additionally, when Symantec analyzed the network traffic, they found that the apps were using the same server. This hints that the attack might be the work of a single group or person.