In line with an official report published by cybersecurity firm ‘Symantec’, U.S. based software tech giant ‘Microsoft’ has removed eight Windows 10 apps from its official app store after the detection of the presence of illicit Monero [XMR] coin mining codes.
Stealth crypto mining – conjointly also known by the name of ‘cryptojacking‘ – works by employing malware that uses a computer equipments power to mine for cryptocurrencies without the consent of its owner. In line with Symantec, the firm 1st detected malicious Monero [XMR] mining codes in eight apps – issued by 3 developers on 17th Jan.
After Symantec reported Microsoft, the corporation has removed all eight apps — although a delisting date isn’t yet provided.
The applications — that were marketed as a part of the top free app listings on the Microsoft Store reportedly enclosed “a computer & battery optimization tutorial, web search, internet browsers, and video viewing and download,” and were issued by developers namely “DigiDream, 1clean and Findoo.” Upon further investigation, Symantec has proposed that all the 8 apps have in fact probably been developed by the same person or cluster, instead of by 3 distinct entities.
Symantec representatives stated that this is often the first time cryptojacking cases have been found on the Microsoft store. The apps’ stealth success reportedly stems from the actual fact they run separately from the browser in a stand-alone [WWAHost.exe process] window. Additionally, they need “no throttling that simply implies [they can use] up 100% of user’s central processor time.”
As Synmantec added, while the suspect applications also provided privacy policies, without mentioning of any cryptocurrency mining. The firm’s analysis detected the strain of mining malware enclosed within the apps as being the net browser-based ‘Coinhive‘ XMR mining code.
Symantec added that it’s not been able to verify actual downloads or installation statistics, however observes that the apps received over 1,900 ratings — whether or not these accurately replicate real users, or illicit bots, is a bit difficult to know.
As reported earlier, recent analysis from another cyber security firm ‘Kaspersky Lab’ stated that cryptojacking overtook ‘ransomware‘ as the biggest cybersecurity threat — notably within Middle East, Turkey along with Africa.