
Crypto Malware Impersonating the Google Translate App Affects Thousands of PCs

02 Sep 2022 By: Rohit Khandelwal

Malicious software designed to mine cryptocurrency has infiltrated hundreds of devices by posing as a Google Translate application.

According to Check Point Research (CPR) on August 29, the malicious software known as "Nitrokod" was designed as a desktop tool for Google Translate and was created by a Turkish organization.

In the absence of an official desktop client for Google's Translate services, a substantial number of Google users have installed this software on their computers. When you install this software on a smartphone, it immediately starts a sophisticated cryptocurrency mining operation on that device.

After this malicious software is downloaded, the malware installation procedure is launched through a scheduled task mechanism. Later on, the malware installs a complicated mining setup for the Monero (XMR) cryptocurrency.

Mining software uses Proof of Work

The mining software is built on the Proof of Work (PoW) mining consensus, which uses a lot of power. As a result, the controller of this campaign gains covert access to the compromised devices, allowing them to swindle individuals and cause damage to the systems.

According to the CPR report, once the malware is activated, it connects to its command-and-control (C&C) server to obtain a configuration for the XMRig crypto miner and begins mining. Users may simply locate the program by searching for "Google Translate Desktop download". The applications have been trojanized and have a delayed mechanism that will launch a multi-stage infection.

As per reports, Nitrokod malware has affected PCs in at least 11 nations since its release in 2019. CPR has also tweeted updates and cautions about the crypto mining operation.

Zscaler Threatlabz stated that another spyware, the Joker virus, attacked 50 applications on the Google Play Store in a similar manner earlier this year. They were promptly removed from Google Play Store. The Zscaler ThreatLabz team discovered the Joker, Facestealer, and Coper malware families spreading via applications.

The malicious applications were instantly removed from the Google Play Store when the ThreatLabz team promptly alerted the Google Android Security team of these newly detected threats.

Despite the fact that many individuals in crypto are concerned about rumors of prospective scams, a recent study discovered that cryptocurrency fraud revenue plummeted by 65% and has been decreasing.
