Are Windows 10 apps safe? Are apps safe simply because they are on the Microsoft Store? Well, cybersecurity firm Symantec has reported that eight apps on the Microsoft Store were engaged in Cryptojacking. Cryptojacking is the malicious practice of using someone else’s system illegally for mining cryptocurrency. It is done by pushing malicious software into the host user’s system and a fraudulent mining code along with it.
Apps on the Microsoft Store engaged in Cryptojacking
Symantec reported this problem to Microsoft, and the IT giant has removed these apps from the Microsoft Store. The apps were as follows:
- Fast-search Lite
- Battery Optimiser (Tutorials)
- VPN Browser +
- Downloader for YouTube videos
- Clean Master + (Tutorials)
- Findoo Browser 2019
- Findoo Mobile & Desktop Search
If you installed any of these applications, remove them immediately and scan your system for virus and malware thoroughly. Upon being downloaded and installed, these apps trigger the Google Tag Manager (GTM) in their domain servers. This triggers the mining script which then does its job.
These apps were developed by three companies: DigiDream, 1clean, and Findoo. They were most probably created by the same person. Since they were common purpose software products, users must have installed them on their devices unsuspiciously.
Published between April 2018 and December 2018, these apps had almost 1900 ratings. It isn’t easy to predict the exact number of users who downloaded them, but considering how common their niche was, it could be anticipated that the script has infected a significant number of systems.
What to do if you either downloaded the apps or are concerned about safety in general?
In case you wish to secure your system, update Windows as soon as possible. Run a full system anti-virus and anti-malware scan. In case you downloaded any of these applications, you could also consider reformatting your system.
Check the Task Manager in your system and in case you notice any high-CPU usage due to any process, handle it accordingly.
For more information on this subject, please check the reference on Symantec’s website.