Fake Microsoft Store app pages trick users into downloading malware

Ewdison Then - Apr 20, 2021, 9:39pm CDT
Fake Microsoft Store app pages trick users into downloading malware

Although it has certainly improved, Windows remains vulnerable to a large number of malware, at least more than its peers and rivals both on desktops and mobile. It is almost too easy to infect a Windows PC by simply downloading an app, despite having an official app store. Microsoft urges users to only install apps from its official channels but some hackers are now taking advantage of that by masquerading as legit Microsoft Store apps.

Just like with any app store, it’s possible to browse through the Microsoft Store with a web browser. On a Windows machine, clicking on an app’s Install button will instead launch the Microsoft Store app to complete the process. It will never, in any circumstance, actually download anything.

Unfortunately, some people used to downloading installers and ZIP files from the Internet might not be aware of that. So when what looks like a legit Windows app page starts downloading something, they think nothing of it. Unfortunately, what it really downloads is a variant of the Ficker or FickerStealer information-stealing malware.

According to Bleeping Computer, this malware is capable of stealing passwords and documents, taking screenshots of the user’s desktop, and even steal cryptocurrency wallets. These pieces of data are packed into a ZIP file and then sent back to the attacker for processing.

Cybersecurity firm ESET notes that the campaign also uses a fake Spotify page to trick users into downloading the malware. It should be evident in the address bar, however, that these are from the real pages for these apps and services. Unfortunately, not all users pay attention to that address, putting the burden of detecting such scams on browser makers.


Must Read Bits & Bytes