A Deceptive Phony Google Translate Program has Installed a Cryptocurrency Miner on 112,000 PCs

Summary

112,000 PCs in 11 countries now have cryptocurrency miners installed thanks to a fake Google Translate software. The virus has been slipping under the radar for years, according to Check Point Research (CPR) and Check Point Software Technologies, in part because of its cunning architecture, which postpones the malware installation for weeks after the original software download. This cunning spyware has infected thousands of computers across 11 countries while posing as normal desktop applications, causing people to unintentionally mine Monero (XMR).

Read More: Cyber-Warfare: Pegasus The most Powerful Cyber Weapon 

This week, the IT security company Checkpoint Research (CRP) released a study detailing the discovery of a crypto mining malware operation that hid behind trustworthy-app-appearing programs like Google Translate. 

The apps win users’ confidence by downloading malware while carrying out their promised duties.

Researchers identified the well-known software download websites Softpedia and Uptodown as secure after discovering malware from Turkish developer Nitrokod. 

PC versions of Google Translate, Yandex Translate, Microsoft Translator, YouTube Music, and an MP3 downloader are some of the bogus applications.

The absence of official desktop apps for any of these services makes Nitrokod’s versions appear to be the only ones achieving high search rankings.

Nitrokod created the virus to seem authentic after installation. The group’s Google Translate app, for example, looks and functions just like the official website. The apps do not start acting suspiciously straight immediately. Instead, they wait until the user has reset the system at least four times on four different days, which might take weeks depending on the person. That’s because Nitrokod created it by transforming Google’s website using the Chromium Embedded Framework.

Read More: Italian Malware is Targeting Apple and Android phones, Claims Google

It will also not launch the mining application if it detects that it is operating on a virtual computer to safeguard against infection. TechSpot and other tech news websites frequently feature secure downloads of numerous apps, like the Android version of Google Translate.

Leave a Reply

Your email address will not be published. Required fields are marked *