Eight Windows 10 applications were removed from the Microsoft Store after they were found secretly using users' computers to mine the Monero cryptocurrency without permission.



Microsoft Store removes 8 applications that secretly used users' computers to mine cryptocurrency



Microsoft has removed a total of eight Windows 10 applications from its official app store after discovering that they secretly used computer hardware to mine the Monero cryptocurrency without users' permission, generating illicit profits for their developers.

The eight applications are: Fast-search Lite, Battery Optimizer (Tutorials), Browsers + VPN, Downloader for YouTube Videos, Clean Master + (Tutorials), FastTube, Findoo Browser 2019 and Findoo Mobile & Desktop Search.

These applications were published by three developers: DigiDream, 1clean and Findoo. However, US security company Symantec, which discovered the malicious applications last month, said that evidence found in the applications' source code and in related domains leads its security engineers to believe that all eight applications were developed by the same individual or organization, even though they were published under different names.



According to a Symantec security report shared with a ZDNet reporter, all of the above applications operate in the same way. They all load the Google Tag Manager (GTM) library in their source code and use it to download and execute malicious code.

The code loaded in the final step is a stolen version of the well-known Coinhive source code, a JavaScript library that many attackers embed in websites they have compromised in order to secretly mine Monero via the user's browser.

Besides web pages, this code can also be used in any application capable of executing JavaScript code, such as game mods, Android and iOS applications, and now Windows 10 applications. This marks the first time such applications have been found in the Microsoft Store, Symantec said.

"These applications are in the category of progressive web applications, which are web-based applications that are installed as Windows 10 applications and operate independently from the browser, in a separate window process (the WWAHost.exe process)," Symantec's experts wrote in the report, explaining why these applications can run the Coinhive JavaScript code.

"A malicious URL attached to cryptocurrency-mining code was discovered, and we used reverse detection technology to find the root applications using this URL," said Tommy Dong, Symantec's chief software engineer. "Symantec's anti-virus programs can detect common JavaScript-based cryptocurrency-mining software regardless of which domains they use."

Users who have had these applications installed for months will surely have noticed that their computer's CPU is always running at high load, because Coinhive tries to use all available resources on the user's computer to mine Monero for the developers.

"They use 100% of CPU resources on users' computers. As soon as the application is opened, the CPU works at high intensity, and this is easy to see," Dong said.
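The sustained CPU load described above, inside the WWAHost.exe process that Symantec names, is something an endpoint team can look for in process telemetry. The following is an added example, not code from the article or from Symantec's report: the sample data is constructed, and the function name `sustained_cpu_hosts`, the 90% threshold and the 60-second window are assumptions.

```python
from collections import defaultdict

# Constructed telemetry, one sample every 15 s:
# (seconds since start, process name, pid, CPU % of the whole machine)
SAMPLES = (
    # PWA host pinned near 100% for the whole two minutes
    [(t, "WWAHost.exe", 4120, 98.0) for t in range(0, 121, 15)]
    # PWA host with a short start-up spike, then idle
    + [(t, "WWAHost.exe", 5300, 95.0 if t < 30 else 4.0) for t in range(0, 121, 15)]
    # Busy process that is not a PWA host; out of scope for this check
    + [(t, "chrome.exe", 880, 99.0) for t in range(0, 121, 15)]
)


def sustained_cpu_hosts(samples, process="wwahost.exe", threshold=90.0, min_seconds=60):
    """Return {pid: longest_run_seconds} for instances of `process` whose CPU
    stayed at or above `threshold` for at least `min_seconds` without a dip."""
    by_pid = defaultdict(list)
    for ts, name, pid, cpu in samples:
        if name.lower() == process.lower():
            by_pid[pid].append((ts, cpu))

    flagged = {}
    for pid, points in by_pid.items():
        points.sort()              # samples may arrive out of order
        run_start = None           # timestamp where the current high-CPU run began
        longest = 0
        for ts, cpu in points:
            if cpu >= threshold:
                if run_start is None:
                    run_start = ts
                longest = max(longest, ts - run_start)
            else:
                run_start = None   # a dip below the threshold ends the run
        if longest >= min_seconds:
            flagged[pid] = longest
    return flagged


if __name__ == "__main__":
    for pid, seconds in sustained_cpu_hosts(SAMPLES).items():
        print(f"WWAHost.exe pid {pid}: CPU >= 90% for {seconds}s, review the hosted app")
```

A hit is a lead for reviewing which Store app the process hosts, not proof of mining on its own.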

Because the Microsoft Store does not display the number of installs for applications, it is not possible to know how many users were affected. However, Symantec pointed out that there were thousands of reviews of these applications in the store, suggesting that they were somewhat popular. That said, reviews are not a reliable indicator, as some online services sell fake reviews on the Microsoft Store.

Such apps are known as cryptojacking apps or cryptominers. Cryptojacking is a cybersecurity term for mining cryptocurrency behind users' backs, i.e. without their awareness or permission.

Since mid-2017, amid a sudden increase in the value of cryptocurrencies, cryptojacking, which originally ran in web browsers and later through special software running on servers, has become one of the most popular forms of cybercrime today. Some criminal groups have earned millions of dollars in profits from it.
