Security company Check Point Research It is now reporting a new malware Which social media users should be aware of. It can take over your accounts.
The new malware is called Electron Bot and it spreads primarily through the Microsoft Store via various malicious apps that the perpetrators regularly download – mainly games.
He can manipulate social media accounts
According to Check Point, the malware contains features that can be used to control social media accounts, including Facebook and Google, by registering new accounts, logging into the account, and commenting and “liking” other people’s posts.
However, the program has many other features and is referred to by the security company as a “standard search engine poisoning malware”.
SEO poisoning is an attack method where perpetrators create malicious websites to affect search engine optimization, so that they appear high among the search results and therefore have a high chance of being clicked on.
In addition, the malware is used in so-called click scams – a type of fraud used to generate income for an attacker by artificially increasing traffic to certain websites or through “pay-per-click” models.
Upgrade functional
The software is also used to promote social media accounts to direct users to certain types of content and increase impressions – and thus the number of ad clicks. It also promotes certain products online, both to generate more clicks on ads and to increase exposure and sales in stores.
The malware has been named Electron Bot because it is based on Electron framework A framework used to build cross-platform applications using JavaScript, HTML, and CSS. Check Point says the malware uses the framework to mimic human behavior and bypass online security mechanisms.
Although the program does not have features that pose a significant risk to the victim at the moment, the security company states that perpetrators can easily and secretly change the features to a significantly more harmful variety.
Because the malware payload is dynamically loaded every time the program is run, attackers can modify the code and change the behavior to a higher risk. For example, offenders could initiate a secondary stage and download new malware, such as a ransomware or RAT (remote access trojan). Check Point writes that all of this can happen without the victim’s knowledge.
Camouflaged as popular toys
The Electron Bot is said to have affected several thousand users so far, mostly in Spain, Bulgaria, Russia and Sweden – which means the Scandinavian region has been affected, not to mention Norway specifically.
The security firm identified malicious versions of several popular games that were used to spread malware, including titles like Temple Run and Subway Surfer. Additionally, several developer names associated with the malware have been identified. The names are as follows:
- Lupy ألعاب Games
- crazy games 4
- Jeuxjeuxkeux games
- Action games
- goo games
- Bizzone case
Check Point says they contacted Microsoft about the results. The company will be in the process of investigating the case.
To avoid exposure to malicious apps, the security company advises against downloading apps with few reviews and only relying on apps with good, consistent, and reliable reviews. Suspicious names that do not match the original name are another red flag.
More information can be found at Check Point Research Special Report.
“Web specialist. Lifelong zombie maven. Coffee ninja. Hipster-friendly analyst.”
