Microsoft Corporation (NASDAQ:MSFT) closed the last trading session at $109.41 up 2.11% on a volume of 29.1 million shares. Here is the latest buzz on the company.
Microsoft removed ten apps from its official app store for indulging in crypto mining activities. The apps involved in Monero Cryptocurrency (XMR) mining include Downloader for YouTube Videos, VPN Browsers+, Clean Master+ (Tutorials), Battery Optimizer (Tutorials), Fast Tube, Findoo Mobile & Desktop search, Findoo Browser 2019, and Fast Search Lite. These apps mine the digital currency for the developers including Findoo, 1Clean, and DigiDream at the back of the users.
Symantec detects malicious apps
Symantec, a prominent cybersecurity firm based in the US, identified the malicious apps in February 2019. The security firm detected the malicious activity from the source code and the leading domains. Symantec believes that the same group or person developed all the eight apps under different names. All the apps used GTM (Google Tag Manager) Library in their source code.
The malicious activity is performed via GTM library. The infamous JavaScript library – Coinhive pirated version is found in the apps for allowing hackers to mine the Monero on hacked sites secretly. The activity is carried out through the browsers of visitors.
The developers used the library to execute the JavaScript code in apps on iOS, Android, game mods, and Windows 10. It is the first time to find such dangerous apps in Windows 10 official app store.
Apps run in a standalone window
According to experts of Symantec, the malicious apps, which are installed as the Windows 10 apps, execute the Coinhive pirated JavaScript code in a separate window under the WWSHost.exe process independently from the web browser. Senior Principal Software Engineer of Symantec, Tommy Dong detected the malicious mining script in the URL and researched to locate the malicious apps. The Coinhive miner on the users’ pcs silently consumes all the CPU power to mine the Monero for developers of these apps. This activity is rampant on the PCs on which the apps are installed in the past few months.
The users can detect malicious activity by checking the CPU usage. The malicious apps consume 100% of the CPU power. It is not clear how many PCs are affected by these malicious apps.