The high-level diagram of Electron Bot can be seen below.

Figure 2: High-level diagram of Electron Bot by Check Point (source).

As observed, the malware infection chain starts with downloading a fake application from Microsoft's legitimate store that will drop the malicious payload on the disk: the malware itself.

The malware was first detected at the end of 2018, when it took advantage of malicious ad campaigns to target users in the wild. This piece of malware has evolved over the years, with criminals adding new techniques and TTPs to their arsenal.

Figure 1: Electron Bot – no malicious detection on VirusTotal 21-02-2022 (source).

At the moment, the malware doesn't have malicious detections on VirusTotal or analysis by Check Point, as observed below. It has been distributed via Microsoft's official store and dropped from a large volume of infected game applications.

The actions executed by the malware are: registering new accounts, logging in, commenting on and liking other posts.

Electron Bot is a modular SEO poisoning agent developed for social media promotion and click fraud. This malware executes several commands in a loop related to social networks, including Facebook, Google and SoundCloud. It has already infected over 5,000 machines around the globe in several countries, such as Sweden, Bulgaria, Russia, Bermuda and Spain. According to the Check Point Research Team, the malware acts as a backdoor.

A recent malware disseminated via Microsoft's official store and dubbed Electron Bot is capable of taking control over social media applications and has infected around 5,000 machines around the globe.

Electron Bot is a new type of malware equipped with features to compromise social media applications.