Crypto-currency Mining Apps Discovered in Microsoft Store
Security researchers at Symantec claim to have discovered eight apps in the Microsoft Store which, if downloaded, can use the victim’s computer to mine crypto-currency.
Only There For A Short Time Last Year
The suspect apps are reported to have only been on the Microsoft Store for a short time between April and December 2018, but it is thought that they still managed to achieve significant download numbers, as indicated by nearly 1,900 ratings posted for the apps.
The suspect apps, in this case, are Fast-search Lite, Battery Optimizer (Tutorials), VPN Browsers+, Downloader for YouTube Videos, Clean Master+ (Tutorials), FastTube, Findoo Browser 2019, and Findoo Mobile & Desktop Search apps. These apps have now been removed from the Microsoft Store,
What Is Crypto-currency Mining?
‘Crypto-currency mining’ involves installing 'mining script' code such as Coin Hive into multiple web pages without the knowledge of the web page visitor or often the website owner. Multiple computers then join their networks so that the combined computing power can enable mathematical problems to be solved. Whichever scammer is first to solve these problems is then able to claim/generate cash in the form of crypto-currency, hence mining for crypto-currency.
Mining For Monero
In the case of the eight suspect apps, they had been loaded with a script that had been designed to mine the ‘Monero’ crypto-currency. Monero, which was created in April 2014 is a decentralised cryptocurrency that uses an obfuscated public ledger. This means that anybody can broadcast or send transactions, but no one outside can tell the source.
GTM – Legitimate
Not The First Time
This is not the first time that suspect apps have been discovered lurking in popular, legitimate app stores. Back in January, for example, security researchers discovered 36 fake and malicious apps for Android that can harvest a user’s data and track their location, masquerading as security tools in the trusted Google Play Store. The apps, which had re-assuring names such as Security Defender and Security Keeper, were found to be hiding malware, adware and even tracking software.
Also, back in November 2017, a fake version of WhatsApp, the free, cross-platform instant messaging service for smartphones, was downloaded from the Google Play store by more than one million unsuspecting people before it was discovered to be fake.
What Does This Mean For Your Business?
This is not the first time that apps which perform legitimate functions of the surface and are available from trusted sources such as Microsoft store have been found to have hidden malicious elements, in this case, mining scripts. The increased CPU usage and slowing down of computers caused by mining scripts waste time and money for businesses, and the increasingly sophisticated activities of crypto-jackers and other cyber-criminals, combined with a global shortage of skilled cyber-security professionals to handle detection and response have left businesses vulnerable to this kind of hidden app-based threat.
Although the obvious advice is to always check what you are downloading and the source of the download, the difference between fake apps and real apps can be subtle, and even Microsoft and Google don’t always seem to be able to detect the hidden aspects of some apps.
The fact that many of us now store most of our personal and business lives on our smartphones makes reports such as these more alarming. It also undermines our confidence in (and causes potentially costly damage to) the brands that are associated with such incidents e.g. the reputation of Microsoft Store.
Some of the ways that we can try to protect ourselves and our businesses from this kind of threat include checking the publisher of an app, checking which permissions the app requests when you install it, deleting apps from your phone that you no longer use, and contacting your phone's service provider or visit the High Street store if you think you’ve downloaded a malicious/suspect app.