Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

Several Cryptojacking Apps Found on Microsoft Store

Symantec Threat Intelligence: Several Cryptojacking Apps Found on Microsoft Store

Symantec found eight apps on Microsoft's app store that mine the cryptocurrency Monero without the user's knowledge.

In January, Symantec discovered several potentially unwanted applications (PUAs) on the Microsoft Store that surreptitiously use the victim’s CPU power to mine cryptocurrency. Symantec reporting these apps to Microsoft and they subsequently removed them from their store.

The apps — which included those for computer and battery optimisation tutorial, and video viewing and download — came from three developers: DigiDream, 1clean, and Findoo. In total, we discovered eight apps from these developers that shared the same risky behaviour. After further investigation, it is believed that all these apps were likely developed by the same person or group.

Figure 1. The eight cryptojacking apps found on the Microsoft Store

Users may get introduced to these apps through the top free apps lists on the Microsoft Store or through keyword search. The samples found run on Windows 10, including Windows 10 S Mode.

As soon as the apps are downloaded and launched, they fetch a coin-mining JavaScript library by triggering Google Tag Manager (GTM) in their domain servers. The mining script then gets activated and begins using the majority of the computer’s CPU cycles to mine Monero for the operators. Although these apps appear to provide privacy policies, there is no mention of coin mining on their descriptions on the app store.



Mitigation

Stay protected from online threats and risks by taking these precautions:

• Keep your software up to date.

• Do not download apps from unfamiliar sites.

• Only install apps from trusted sources.

• Pay close attention to the permissions requested by apps.

• Pay close attention to CPU and memory usage of your computer or device.

• Install a suitable security app, such as Norton or Symantec Endpoint Protection, to protect your device and data.

• Make frequent backups of important data.

To read the full Threat Intelligence Report please go to https://www.symantec.com/blogs/threat-intelligence/cryptojacking-apps-microsoft-store


© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Tax Bill Passes, Drops: “An End To Unnecessary Secondary Tax”

“The changes mean Inland Revenue will more closely monitor the tax paid by wage and salary earners through the year. If it appears the worker is being over taxed, Inland Revenue will suggest a more suitable PAYE tax code tailored to that worker.” More>>

ALSO:

Ethiopian Airline Crash: Boeing 737 Max Aircraft Operations Temporarily Suspended

New Zealand’s Civil Aviation Authority has suspended the operation of Boeing 737 MAX aircraft to or from New Zealand. Currently this affects only one operator, Fiji Airways. There are no other airlines that fly this aircraft type to New Zealand. More>>

ALSO:

Sorting Out DNA: Crime-Busting Software Wins Top Science Prize

Software developed in New Zealand that has contributed to identifying suspects in tens of thousands of criminal cases around the world has won the 2018 Prime Minister’s $500,000 Science Prize. More>>

ALSO:

In The High Court: IRD Wins Tax Avoidance Case

Inland Revenue has won a High Court case against Eric Watson’s Cullen Group over a nearly $52 million tax debt. More>>

ALSO:

Insurers Withdraw From Market: Plea For EQC Rethink

A consumer watchdog wants the government to rethink the Earthquake Commission (EQC) as more people are pushed out of getting property and contents insurance. More>>

ALSO:

Women's Day: New Zealand Rated Third Best In OECD For Working Women

New Zealand has been rated among the top countries in the world for working women. The Women in Work Index rated New Zealand third in the OECD and it was the only country outside Europe to make the top 10. More>>

ALSO: