Windows Toolbox, a popular Windows 11 script used to add the Google Play Store to the Android Subsystem, is covertly infecting users’ systems with malicious scripts, Chrome extensions, and other malware.
When Microsoft announced the introduction of a feature that allows users to run Android apps on Windows, the news excited many users. However, when the feature was eventually released, excitement quickly turned to disappointment as users realized that it didn’t support Google Play.
Enter Windows Toolbox
Around that same time, a new tool called Windows Toolbox was released on GitHub with a host of features, including the ability to install Google Play Store for the Android subsystem. As a result, tech sites quickly jumped on board, enthusiastically promoting Windows Toolbox, which, of course, led to it being downloaded by many users.
Windows Toolbox consists of a collection of scripts run through PowerShell and, although it does the job as advertised, it has very recently been discovered that it also contains malicious obfuscated scripts that install a Trojan and potentially other malware on affected devices.
Do not, under any circumstances, download and run Windows Toolbox. And, if you’ve already downloaded and run the scripts, make sure to delete anything and everything associated with this malicious software.
- For more information please visit: Windows 11 tool to add Google Play secretly installed malware
NOTE: Windows Toolbox was recently added to MajorGeeks download portal as a new download. I’m pretty sure the lads at MajorGeeks have not yet caught up with the news that this is malicious software. I mention this because MajorGeeks is a trusted download source and users therefore might be tempted to trust the software. However, as I said, I am certain the lads at MajorGeeks will remove this item from their listings once they realize it is malicious.
VLC Media Player Hacked
Symantec’s cybersecurity team has revealed that a group of Chinese bad actors, known as Cicada, is adding malicious code into the popular open-source VLC media player and distributing the altered version as a download online. I hasten to add that the original download direct from VideoLAN is clean and perfectly safe, as is the download from reputable/trusted download sites.
I mention this to emphasize a point that has been made here at DCT many times; you should always download software directly from the developer’s website where available and, on the odd occasion where this is not possible, make sure you are downloading from a reputable/trusted source.
Stay safe out there!