Take A Step Back Before Downloading Games From Windows Store

Highlights
– A malware strain named Electron Bot has infected over 5000 PCs across the globe

– Most victims are from Russia, Sweden, Bermuda, Bulgaria, and Spain

– Attackers use the malware as a backdoor. Once they gain control of the victimized machine, they take full control of it

– Microsoft Store games that malware has infected are the clones of popular games like Subway Surfer and Temple Run

temple-runner

Source: Checkpoint Research

As a Windows user, you probably love installing apps or games from Microsoft Store. And if you are a regular at installing games or even apps, here is news that might prompt you to step back. As per Check Point Research, a new strain of malware has crept into the Windows or Microsoft Store. And, what’s even worse it has already infected several thousand computers across the globe.

The Malware Strain Is A Ghost From The Past
This is not the first time that Electron Bot has appeared. It surfaced back towards the end of 2018 when it presented itself as an ad-clicking bot. Furthermore, it took the disguise of a legit app, and at that time, it disguised itself as “Albums by Google Photos”

And, the ghost hasn’t seemed to stop. It has come back. Worry not! We are not going to scare you with ghost stories. But, the point here is that this malware strain hides as legitimate Windows Store apps and more so, it is there on Microsoft Store.

But how’s that even possible? For an app to make way to Windows or Microsoft Store aren’t stringent checks conducted? And, if this has happened once and it might happen again, should Windows users stop installing apps from Microsoft Store? We’ll answer all such questions in this post, so make sure you read this post to the very last.

This Might Interest You – Want To Know The Malware Up and Close, Check This Post From Check Point Research

What’s The Danger?

Once infected, the adversaries can gain take complete control of the infected machine. They can then perform real-time interactions and remotely execute commands. The goal of the attackers as reported is click fraud and social media promotion. Yes, you heard us right – Electron Bot supports new account registration as well as liking and commenting on platforms like Google, Facebook, YouTube, and Sound Cloud.

As analyzed by the cybersecurity research firm CheckPoint, Electron Bot seems to have a campaign of sorts through which it carries out goals like –

  • Product Promotion-Online-  Victim clicks on advertisements and increases store rating
  • Ad-clicking-  The infected machine is connected to remote sites in the background and then non-viewable advertisements are clicked upon
  • SEO poisoning – Imagine a malware-infected website ranking high in search engine. Well, Electron Bot malware brings this imagination to reality.
  • Social Media Promotion – Driving direct traffic on specific content on a victim’s social media account.

Things You Can Do To Stay Away From Electron Bot Malware

– An Antivirus Is The Need of The Hour

An Antivirus may be helpful in stopping the execution of the malware. So, as a first, line of defense, it is important to have Antivirus protection running inside your computer. Systweak Antivirus, for instance, is one of the best Antivirus for the Windows operating system. Here is a comprehensive inside-out review of Systweak Antivirus. It offers real-time protection against malicious threats and as soon as it perceives a threat, it quickly removes it. Adding to its credibility is its frequently updated database. So, no matter how new or intricate the malware is, there is no way it can skip the eyes of Systweak Antivirus.

How Does Systweak Antivirus Work?

1. Download and run Systweak Antivirus

2. Click on the Start Scan button

systweak-antivirus

3. Select a mode of scan – Quick, Deep, or Custom

deep-scan

That’s it! If there is a threat, it will be removed and it will no longer scare you or your PC>

– Make Sure That The App or Game Comes From A Genuine Developer

What’s in the name? In this case, actually, there is a lot in the name. Before you hit that install button, it won’t hurt to run a little background check on the game or app you are installing. Make sure, it is the exact game that you want to install. Also, gather a little information about the developer and if they have been in the news for bad reasons.

– Reviews Matter A lot

Like we said, beware if the game or app has been infamous for spreading malicious threats, and, the first instance, is the reviews. If the app has good consistent reviews where none of the reviewers have at least talked about “spreading malicious threats”, you are all good to go, else, it’s better to steer clear of the app.

My Computer Has Already Been Compromised – What Do I Do?

As Check Point Research has suggested, here are a few things that you can do to clean your infected machine and cease the damage from spreading any further –

● Uninstall The Application Completely

Here you can either follow the steps mentioned below or additionally bring into force a dedicated third-party uninstaller program which will even help you get rid of the remnants as well –

1. Open Settings

apps

2. Go to Apps

3. Locate the app and click on the Uninstall button

all-apps

● Remove the LNK file present In The Start-Up Folder

  1. In Windows Explorer address bar type this

C:\Users\<username>\AppData\Microsoft\Windows\Start Menu\Programs\Startup

  1. Remove the following folders –

Locate the Skype.lnk file or WindowsSecurityUpdate.Lnk and remove it

● Get Rid of The Malware Package Folder

  1. In Windows Explorer address bar type this – C:\Users\<username>\AppData\Local\Packages
  1. Locate the following folders and remove them instantly –

“Microsoft.Windows.SecurityUpdate_cw5n1h2txyewy”

“Microsoft.Windows.Skype_cw5n1h2txyewy”

Wrapping Up

The intent of this post about Electron Bot malware on the Microsoft Store is not to scare you or stop you from installing games and apps. Because let’s face it – In this day and age, everything is possible. Attackers may keep on infecting such platforms with malicious threats, but, if you don’t let your guard down, and, follow some simple checks as we have mentioned above, your PC might never be infected in the first place.

If you liked the post, do give it a thumbs up, comment your views and don’t keep the goodness to yourself, instead share this post with everyone you care for. For more interesting, engaging, and informative tech-related content, keep reading WeTheGeek.Follow us on social media – FacebookInstagram and YouTube.

What Do You Think?
Responses
  • Upvote
  • Funny
  • Love
  • Surprised
  • Angry
  • Sad

Leave a Reply