Amid Massive CoinHive Cryptojacking on Microsoft Platform, Company Removes Eight Free Apps

Most of the stories in the media about cryptojacking and hacking are due to a vulnerability in a crypto exchange or simply highly advanced hackers. However, in a new report by Symantec, Microsoft has been the victim of the presence of a surreptitious Monero mining code on multiple applications.

As such, Microsoft has since removed eight Windows 10 applications that were formerly found on the Microsoft Store.

Cryptojacking involves the installation of malware onto a device that takes the processing power of the computer or similar device towards crypto mining. This is all done without the victim knowing that any mining is taking place. In the report from Symantec, the XMR mining code was detected in eight applications, which were issued by three separate developers, in January.

Upon alerting Microsoft, the company acted quickly to remove the products, though they did not provide a date for when the delisting took place.

According to the report, the applications included “a computer and battery optimization tutorial, internet search, web browsers, and video viewing and download.” The applications were issued by developers “DigiDream, 1clean and Findoo.”

When Symantec investigated the issue further, the evidence appears to link all of the apps to the same developer, or at least a single group.

The samples found are all exclusive to running on Windows 10 and Windows 10 S Mode, though they were created from April to December last year. To be activated, the trigger the Google Tag Manager to grab the coin-mining JavaScript library. After activating the mining script, it is relatively easy to use the CPU cycle of the computer to mine XMR.

Representatives of Symantec spoke with the ZDNet tech news website about this situation, saying that there never has been evidence of cryptojacking detected in the Microsoft Store. The success of these hackers seems to come from the fact that they use a standalone window that runs separately from the browser.

The report indicated that they also have “no throttling which means [they can use] up 100% of user’s CPU time.

Though there are privacy policies included in all of the apps, they also refrained from including details about crypto mining. The strain of mining malware found is the Coinhive XMR mining code. There is been no details released about the download or installation statistics, but the 1,900 ratings could give some indication as to how far these downloads spread before they were discovered.

Along with delisting the programs, Google Tag Manager also no longer has the mining JavaScript on it.

Cryptojacking recently became more threatening than ransomware, as far as cybersecurity risks in the Middle East, Turkey, and Africa. These details were the result of research performed by Kaspersky Lab, a cybersecurity research firm.

Get Daily Headlines

Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

What to Know More?

Join Our Telegram Group to Receive Live Updates on The Latest Blockchain & Crypto News From Your Favorite Projects

Join Our Telegram

Stay Up to Date!

Join us on Twitter to Get The Latest Trading Signals, Blockchain News, and Daily Communication with Crypto Users!

Join Our Twitter

Add comment

E-mail is already registered on the site. Please use the Login form or enter another.

You entered an incorrect username or password

Sorry, you must be logged in to post a comment.
Bitcoin Exchange Guide