Fake Microsoft Store fools you into downloading dangerous malware — How to stay alert


Security researchers have recently discovered an active malware campaign that can steal private information — from passwords to cryptocurrency wallets — saved in web browsers.

Malicious actors are tricking unsuspecting users into downloading the malware by advertising what appear to be legitimate apps. The ads instead lead to sites mimicking the Microsoft Store, Spotify, and a PDF converter app.

Spotted by Slovak internet security company ESET, the campaign uses advertising to lure users into downloading apps from a fake store. As shown by ESET, one example is an "xChess 3" chess application advertisement that leads to a page that looks exactly like the Microsoft Store, while another leads to a fake Spotify landing page.

Visiting the fake pages automatically downloads a zip file containing the disguised malware, a "Ficker" Trojan. It lets hackers steal credentials saved in web browsers.

According to Bleeping Computer, the malware also lets malicious actors steal information on desktop messaging apps including Discord and Steam, along with cryptocurrency wallets. It also has the ability to take screenshots of whatever is on the victim's screen.

ESET states the malware campaign is currently targeting countries in South America, including Peru, Colombia and Argentina. This is the internet, however, meaning the fake advertisements could move anywhere.

Fake Microsoft Store

(Image credit: ESET)

While it's always important to download apps from an official store, like the Apple App Store or the Microsoft Store on Windows 10, identical-looking sites in browsers can easily trick users. However, there are a few other signs to be aware of.

For example, the fake chess app's description describes an "exciting adventure game" involving a ball. The last time we checked, this isn't how chess is played.

It's always a good idea to check information about an app, along with reviews from other users, before downloading it. An iPhone VPN scam had similar fake information that still duped a few users into subscribing to it.

Darragh Murphy
