Beware of infected fakes in Microsoft Store


Feel like trying a new game from the Microsoft Store this weekend? Be careful!

In a new report released by Check Point Research (CPR), a new strain of malware has arrived. Dubbed Electron Bot, it has claimed more than 5,000 victims in over 20 countries. It’s currently being distributed via the Microsoft store platform, hiding in dozens of infected apps, mostly games, that the attackers are constantly uploading.

The popular Temple Endless Runner 2 game cloned by the Electron Bot operators.


Electron Bot does something called SEO Poisoning, using the victim’s computer to promote malicious websites to further distribute malware. It also functions as an ad clicker, constantly clicking on remote websites to generate clicks on ad, generating pay-per-click (PPC) money for scammers.

The Takeaway

Electron Bot’s successful invasion of Microsoft’s official app store is just a reminder not to throw caution to the wind when a shiny new upload shows up on the app store. All official App stores, be it from Apple, Microsoft or Google are rife with fraud, fleeceware and banking trojans.

Here are 3 quick tips to follow before downloading:

  1. Avoid downloading an application with a small number of reviews

  2. Look for applications with good, consistent and reliable reviews, not obvious, fake bot reviews

  3. Pay attention to suspicious naming that’s identical to the original name of the app it’s clearly copying. For example the copycat Temple Endless Runner vs the official Temple Run title

And if you already have our Total Security service offering, not to worry – we have you protected from malicious downloads.

Stay safe out there

-A