The security company Symantec discovered in Microsoft Store, the online store for Windows, a total of eight different infected applications which had a lot of traffic.
According to a Symantec research, eight applications published in the Microsoft Store from April to December 2018 were designed to do mining in Monero cryptocurrencies. Worst of all, these applications received around 2.000 reviews, which means that a significant number of devices have been infected.
Although Symantec points out that app reviews can swell and appear numerous without actually being, it is therefore difficult to really know how many users have downloaded these apps. Infected applications are browsers, media players, downloaders, battery optimization tutorials, video download aids from Youtube and apparently developed by the same person or group.
Once installed and launched on the victims' computers, they download a JavaScript library for Monero coin mining. Users are not informed that their computers are being used for mining, although their devices are significantly lowering their performance due to the high CPU usage in the background.
Symantec says it has already notified Microsoft of the malware and that it has all been removed from the Microsoft Store. However, if you already have one of these applications installed, you should uninstall it as soon as possible. The eight infected illegal mining applications found in the Store are:
- Fast-search Lite
- Battery Optimizer (Tutorials)
- VPN Browser+
- Downloader for YouTube Videos
- Clean Master + (Tutorials)
- FastTube
- Findoo Browser 2019
- Findoo Mobile & Desktop Search