A recent piece of malware, distributed via Microsoft's official store and dubbed Electron Bot, is capable of taking control of social media applications and has infected around 5,000 machines around the globe.
Electron Bot is a new type of malware equipped with features to compromise social media applications. According to the Check Point Research Team, the malware acts as a backdoor. It has already infected over 5,000 machines around the globe in several countries, such as Sweden, Bulgaria, Russia, Bermuda and Spain.
The malware executes several commands in a loop related to social networks, including Facebook, Google and SoundCloud. The actions it performs are registering new accounts, logging in, and commenting on and liking other posts.
Electron Bot is a modular SEO poisoning agent developed for social media promotion and click fraud. It has been distributed via Microsoft's official store and dropped from a large volume of infected game applications,
At the moment, the malware has no malicious detections on VirusTotal and no analysis by Check Point, as observed below.
Figure 1: Electron Bot – no malicious detection on VirusTotal 21-02-2022 (source).
How Electron Bot malware works
This piece of malware has evolved over the years,