Researchers at Symantec found eight illicit cryptojacking apps in the Microsoft Store, which then kicked out the offending programs.

In the early days of Bitcoin, it was quite common for regular people to mine for cryptocurrencies using their home computers. Now the vast majority of crypto mining is done by large corporations via massive server farms. However, there are plenty of hackers who release programs containing malicious code that takes over a person’s computer to mine for cryptocurrency without the user ever knowing what’s going on. This takeover for crypto mining is called cryptojacking.

Eight Cryptojacking Apps Found

Cybersecurity researchers at Symantec examined apps listed in the Microsoft Store and found eight that contained code for cryptojacking. These eight apps were:

FastTube

Downloader for YouTube Videos

Battery Optimizer (Tutorials)

Clean Master+ (Tutorials)

VPN Browser+

Fast-search Lite

Findoo Browser 2019

FindooE Mobile and Desktop Search

All of the apps came from three developers: DigiDream, 1clean, and Findoo. Upon further investigation, the researchers believe that a single person or group is responsible for all of the malicious cryptojacking apps.

Microsoft Store Gives the Apps the Boot

The apps launch Google Tag Manager when they start, which connects to a JavaScript library for crypto mining. The script used is a version of the infamous Coinhive, which is used to mine the privacy-focused Monero cryptocurrency. These cryptojacking apps commandeer the majority of the user’s CPU power.
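
Because the mining script is pulled in through Google Tag Manager at startup, a static scan of the app package may show only the tag loader and no miner. The sketch below is an added example, not Symantec's tooling or code from the apps: it flags both cases in unpacked app files. The loader paths and Coinhive strings are assumptions based on the stock snippets, and the container ID, site key and file contents are constructed.

```python
import re

# Assumed indicators: the GTM paths are those of Google's standard container
# snippet; the Coinhive strings come from the stock library, so a modified
# build like the one in these apps may not match them.
GTM_HOST = re.compile(r"googletagmanager\.com/(?:gtm\.js|ns\.html)", re.I)
GTM_ID = re.compile(r"\bGTM-[A-Z0-9]{4,}\b")
MINER_MARKERS = [
    re.compile(r"coinhive(?:\.min)?\.js", re.I),
    re.compile(r"\bCoinHive\.(?:Anonymous|User)\s*\("),
]

def scan_app_files(files):
    """Scan {path: text} from an unpacked app; return a list of findings."""
    findings = []
    for path, text in sorted(files.items()):
        if any(marker.search(text) for marker in MINER_MARKERS):
            findings.append({"path": path, "kind": "embedded-miner", "ids": []})
        if GTM_HOST.search(text):
            # Container contents are served remotely and can change after review.
            ids = sorted(set(GTM_ID.findall(text)))
            findings.append({"path": path, "kind": "remote-tag-container", "ids": ids})
    return findings

def verdict(findings):
    kinds = {f["kind"] for f in findings}
    if "embedded-miner" in kinds:
        return "block"
    if "remote-tag-container" in kinds:
        return "inspect-at-runtime"
    return "no-static-indicator"

# Constructed sample inputs (not taken from the real apps).
GTM_ONLY_APP = {
    "index.html": "<script>(function(w,d,s,l,i){var j=d.createElement(s);"
                  "j.src='https://www.googletagmanager.com/gtm.js?id='+i;"
                  "d.head.appendChild(j);})(window,document,'script',"
                  "'dataLayer','GTM-EXAMPL1');</script>",
    "app.js": "document.title = 'Video downloader';",
}
EMBEDDED_MINER_APP = {
    "miner.html": "<script src='https://coinhive.com/lib/coinhive.min.js'>"
                  "</script><script>new CoinHive.Anonymous('CONSTRUCTED-KEY')"
                  ".start();</script>",
}

if __name__ == "__main__":
    for name, app in [("gtm-only", GTM_ONLY_APP), ("embedded", EMBEDDED_MINER_APP)]:
        print(name, verdict(scan_app_files(app)))
```

An "inspect-at-runtime" result means the package itself looks clean, so the recorded container ID has to be checked by watching what the app actually loads and how much CPU it uses when it runs.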

The apps appear to have been uploaded to the Microsoft Store between April and December 2018. Symantec notes that while they have no hard numbers on how many users have been affected, a significant number of people have downloaded the apps.

Symantec found the wallet that the mined Monero is being sent to (da8c1ffb984d0c24acc5f8b966d6f218fc3ca6bda661). The researchers notified Google and the Microsoft Store about the apps, and Microsoft promptly removed them. Google removed the mining JavaScript from Google Tag Manager.

It pays to be careful when deciding to download an app, even from a trusted source. Symantec recommends the following precautions:

Keep your software up to date.

Do not download apps from unfamiliar sites.

Only install apps from trusted sources.

Pay close attention to the permissions requested by apps.

Pay close attention to CPU and memory usage of your computer or device.

Install a suitable security app, such as Norton or Symantec Endpoint Protection, to protect your device and data.

Make frequent backups of important data.
