
Explained: How this Windows malware uses Google Translate and other programs to infect your PC/laptop


Cybersecurity researchers from Check Point Research (CPR) recently discovered a previously undisclosed cryptocurrency-mining malware campaign named Nitrokod. The malware may have only just been discovered, but it has been around for a long time. The CPR blog claims that the campaign is “capable of infecting” thousands of Windows laptops and PCs worldwide. According to the blog, the malware still lurks inside “real-looking” apps available on various online stores.
Where is this malware hiding?
Researchers have discovered several hiding spots for this malware. The blog mentioned that one of them disguises itself as an “official” Google Translate client. Users can find it with a Google search in the Chrome browser (or other Chromium-based browsers). If you type “Download Google Translate for Desktop” in the Google Search bar, one of these malware campaigns will appear at the top of the search.



The blog also mentions that the malware hides in some real-looking apps that are listed on freeware repositories like Softpedia under the author name Nitrokod Inc.
How is this malware different?
The blog says that the malware is first executed almost a month after the Nitrokod program (e.g. Google Translate) was installed. Furthermore, the malware is only delivered after the infection has gone through six stages, the blog adds.

In addition, the infection chain keeps running over a long period using a scheduled task mechanism, which gives attackers time to remove evidence, the blog noted. This makes it harder for users to spot the malware campaign.
The report also notes that the malware implements a variety of evasion techniques, including delaying malicious activity and setting firewall exclusions, so that the crypto miner can run without raising an alarm.
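The delay, the scheduled task and the firewall exclusion described above can be turned into a simple triage check. The following is an added example, not code from CPR or from the original article: it flags scheduled tasks that first ran long after their owning program was installed and notes whether a firewall allow rule covers the same binary. The record fields, program names, paths and the 21-day threshold are assumptions, and the sample data is constructed.

```python
from datetime import datetime

# Constructed sample inventory (not real telemetry): the kind of records a
# triage script could export from a Windows host. All names are hypothetical.
INSTALLS = [
    {"program": "DesktopTranslator", "dir": r"C:\ProgramData\DesktopTranslator",
     "installed": "2022-07-01"},
    {"program": "PdfViewer", "dir": r"C:\Program Files\PdfViewer",
     "installed": "2022-07-03"},
]
TASKS = [
    {"name": "TranslatorUpdate", "first_run": "2022-07-29",
     "exe": r"C:\ProgramData\DesktopTranslator\update.exe"},
    {"name": "PdfViewerUpdate", "first_run": "2022-07-04",
     "exe": r"C:\Program Files\PdfViewer\upd.exe"},
]
FIREWALL_RULES = [
    {"name": "allow-helper", "action": "allow",
     "exe": r"C:\ProgramData\DesktopTranslator\update.exe"},
]

def _day(text):
    return datetime.strptime(text, "%Y-%m-%d")

def flag_delayed_tasks(installs, tasks, rules, min_delay_days=21):
    """Flag tasks whose first run came long after install (threshold is assumed)."""
    findings = []
    for task in tasks:
        exe = task["exe"].lower()
        # Attribute the task to the installed program whose folder holds its binary.
        owner = next((i for i in installs
                      if exe.startswith(i["dir"].lower() + "\\")), None)
        if owner is None:
            continue
        delay = (_day(task["first_run"]) - _day(owner["installed"])).days
        if delay < min_delay_days:
            continue
        # A firewall allow rule for the same binary raises the finding's priority.
        allowed_by = [r["name"] for r in rules
                      if r["action"] == "allow" and r["exe"].lower() == exe]
        findings.append({"task": task["name"], "program": owner["program"],
                         "delay_days": delay, "firewall_rules": allowed_by})
    return findings

if __name__ == "__main__":
    for finding in flag_delayed_tasks(INSTALLS, TASKS, FIREWALL_RULES):
        print(finding)
```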
The report also warns that the campaign has been around for a long time and that some of the “cheat programs” have been downloaded by more than 100,000 people.
How can these infections be a problem?
According to a TechRadar report, crypto-mining malware is not typically designed to steal data or encrypt files the way ransomware does. However, an infection can cause other kinds of problems for the victim.

In addition to affecting device performance, these infections can also increase power consumption as CPU resources are devoted to mining, the report found. This can increase consumer bills and affect users’ finances.
How to avoid a malware campaign
To stay safe from such unwanted malware campaigns, internet users are advised to download apps exclusively from authentic marketplaces like Google Play or the Windows Store. The report mentions that some strains can hide from the built-in security services and external anti-virus systems that can help detect infections.






news7h
