In alarming news, Symantec has revealed that they have found eight apps on Microsoft’s app store that mine the cryptocurrency Monero without the user’s knowledge.
In January, Symantec discovered several potentially unwanted applications (PUAs) on the Microsoft Store that surreptitiously use the victim’s CPU power to mine cryptocurrency. Symantec reporting these apps to Microsoft and they subsequently removed them from their store.
The apps — which included those for computer and battery optimisation tutorial, and video viewing and download — came from three developers: DigiDream, 1clean, and Findoo. In total, we discovered eight apps from these developers that shared the same risky behaviour. After further investigation, it is believed that all these apps were likely developed by the same person or group. Possessing these cryptocurrencies can be a very lucrative practice to become involved in, as you can then begin to trade these virtual commodities on online trading platforms such as cryptoevent.io. However, it is usually very costly to mine these cryptocurrencies, which is why many people will revert to less conventional means of mining them.
Users may get introduced to these apps through the top free apps lists on the Microsoft Store or through keyword search. The samples found run on Windows 10, including Windows 10 S Mode.
Stay protected from online threats and risks by taking these precautions:
- Keep your software up to date.
- Do not download apps from unfamiliar sites.
- Only install apps from trusted sources.
- Pay close attention to the permissions requested by apps.
- Pay close attention to CPU and memory usage of your computer or device.
- Install a suitable security app, such as Norton or Symantec Endpoint Protection, to protect your device and data.
- Make frequent backups of important data.