Microsoft Store abused by Electron Bot to hack social media accounts

March 7, 2022

SEO poisoning malware called Electron Bot has been hacking social media accounts, including those on SoundCloud, Facebook, and Google, by impersonating games found in the Microsoft Store such as Subway Surfer and Temple Run.

Researchers noted that the bot also allows the threat actors to control the compromised devices. Based on the analysis, Electron Bot can be operated remotely, enabling its operators to create new accounts, log in, comment on, and like social media posts.

The malware has recently claimed over 5,000 victims from different countries. According to a tally, the countries most affected by the bot are Bermuda, Sweden, Spain, Bulgaria, and Russia.

The bot’s infection starts when a target installs the threat actors’ malicious app from the Microsoft Store. When the target launches the compromised app, a JS script dropper is loaded, which downloads and installs the attached malware.

The Electron Bot is an SEO poisoning malware that focuses on ad fraud.

According to researchers, the newfound Electron Bot malware is a modular SEO-poisoning backdoor. Its operators have utilised the bot for click fraud and social media promotions.

The bot also contributes to the increase of malicious sites’ SEO showings and is offered by threat actors to promote other websites’ rankings. It can also be utilised as an ad clicker that constantly clicks on remote sites to generate ad traffic and substantial PPC ad revenue.

Electron Bot also promotes online products to earn revenue or to boost a store’s reputation and increase its sales.

The Electron Bot is still active. Smartphone users should be wary of this issue and avoid applications with few reviews, since there is a high possibility that such an app may be compromised. Instead, it is better to opt for applications that have reliable reviews and excellent, consistent ratings.

Experts also advise being wary of applications with suspicious names and developers.
