The SEO poisoning bot, capable of full system takeover, is actively taking over social media accounts, masquerading as popular games like Temple Run.
A backdoor malware that can take over social-media accounts – including Facebook, Google and Soundcloud – has infiltrated Microsoft’s official store by cloning popular games such as Temple Run or Subway Surfer.
The backdoor, dubbed Electron Bot, gives attackers complete control over compromised machines. Among the multiple evil deeds it can execute remotely, it enables its operators to register new accounts, log in, and comment on and like other social media posts – all in real time.
In a Thursday report, Check Point Research (CPR) said that the malware has claimed more than 5,000 victims in 20 countries – most from Bermuda, Bulgaria, Russia, Spain and Sweden – in its actively ongoing onslaught.
It’s mainly being distributed via the Microsoft store platform, hiding in dozens of infected apps – mostly games – that the attackers are “constantly” uploading, CPR said.
A Microsoft spokesperson told Threatpost on Thursday that “We are investigating this issue and will take appropriate action to protect customers.”
SEO Poisoning, Ad-Clicking and Fraud
As for its endgame, CPR researchers described the