This dangerous malware found in Temple Run, Subway Surfer apps; is it on your device? Delete!

tech.hindustantimes.com:

A new malware has been found which is capable of taking control of all your social media accounts. The malware dubbed Electron Bot has been spotted by CheckPoint Research which said that it is being actively distributed through Microsoft’s official store. By now, it has affected over 5,000 devices and it has the potential to take complete control of social media accounts such as Facebook, Google, and SoundCloud. Not just that, but it can register new accounts, log in, comment on, and even “like” other posts. The report says that the malware is found hidden in the widely downloaded game apps such as Temple run and Subway Surfer.

This Electron Bot malware is a modular SEO poisoning malware, which is used for social media promotion and click fraud. The report confirms that the malware is mainly distributed via the Microsoft store platform which has been dropped from dozens of infected applications, especially games, which are constantly uploaded by the attackers. Most of the affected devices are from Sweden, Bulgaria, Russia, Bermuda, and Spain.

The cybersecurity firm explains that the Electron Bot malware gets into the device when a user downloads any affected app or game from Microsoft Store. How it succeeds in avoiding getting detected is by hiding inside the game apps. When the user downloads and launches the game, a JavaScript dropper is loaded dynamically in the background from the attackers’ server which executes several actions to install the malware in the device.

Once it is in the user's device, it uses Search Engine Optimisation (SEO) poisoning. Under this method, cybercriminals create malicious websites and use SEO tactics to make them show up on the top search results. Here, it boosts malicious apps and websites.