Symantec Discovers Multiple Cryptojacking Apps on Microsoft Windows Store

By Nitish Singh / February 18, 2019

According to a report by security firm Symantec, eight apps were caught mining cryptocurrency on Windows PCs without users' consent. The apps were first discovered on January 17, following which the security company informed Microsoft about the issue.

The apps were discovered from a variety of categories, and they include Web browsers, battery optimization, video sharing apps and more. The eight apps that were discovered originated from three different developers including DigiDream, Findoo, and 1clean. However, Symantec believes that the apps are likely to have originated from the same developer or a group of developers working together.

The apps were featured by Microsoft in the top free apps list based on their popularity on the Windows Store. The cryptojacking apps were compatible with Windows 10 and Windows 10 S Mode, and none of the other versions were affected.

Cryptocurrency Mining Script

Image Courtesy of Symantec

Once the apps are downloaded and launched, hidden code within the apps would trigger a coin-mining JavaScript library using Google Tag Manager. The mining script would be activated upon launch, and the built-in Monero miner would run in the background. The developers did not take any measures to reduce the number of CPU cycles that the affected systems used.

All of the apps were published between April and December 2018 and were available for a very short time. The number of ratings that the apps received is in thousands but there was no publicly visible information about the total number of downloads. Unlike other platforms, Microsoft hides its total downloads statistics. Symantec also stated that the app downloads could have been inflated on purpose, making the number of affected users much lower.

Hiding cryptocurrency miners has become a common practice amongst lesser known developers who want to exploit their own users for personal profit. Platforms like Android and iOS have taken action against such developers last year, but Microsoft left its store unchecked until recently.

What do you think about the cryptojacking apps being discovered on the Microsoft Store? Let us know in the comments below. Get instant updates on TechNadu’s Facebook page, or Twitter handle.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: