Spoofed Google Translate App Sneakily Installs Monero Mining Malware on Over 100,000 PCs
- Crypto mining malware is diagnosed in Google translate app.
- This malware soon starts putting set up for mining Monero cryptocurrency.
- Characters in the infected URLs are made to look like the ones in the real links.
A crypto mining malware is diagnosed in Google translate app
A crypto mining malware is diagnosed in Google translate app that has forayed almost thousands of PCs. A report by Check Point Research states that – This malware is known as Nitrokod and its origin is turkey. It is built by a Turkey-based entity as a desktop application for Google Translate. In fact, many users have downloaded this app on their PC in the absence of Google’s official desktop app for translation service. This app, once installed, later establishes an elaborate crypto mining operation set up on the infected PCs.
Google Meet’s New Feature Allows Users to Mute, Unmute Others in This Way. Details Here
This malware soon starts putting set up for mining of Monero cryptocurrency
This malware gets active and triggered as soon as the app gets successfully downloaded on the computer. When it gets completed, this malware soon starts putting set up for mining of Monero cryptocurrency. This basically depends on the POW (proof of work) mining model.
This in fact acts as the controller of the campaign and gives unknown/hidden access to the unauthorized computers to scam users and then damage the machines once it gets done successfully.
CPR in a report states –
“After the malware is executed, it connects to its C&C server to get a configuration for the XMRig crypto miner and starts the mining activity. The software can be easily found through Google when users search ‘Google Translate Desktop download’. The applications are trojanised and contain a delayed mechanism to unleash a long multi-stage infection,
Currently, thousands of computer systems are at stake and have been compromised as they are infected by the Nitrokod malware that first originated in the year 2019.
The news of this crypto mining scam has been shared by CPR on their Twitter handle.
The Crypto sector has become a new way for scammers to ditch people and is highly observable among cybercriminals.
They have leveraged the trust of the public on popular platforms like LinkedIn, Twitter, and Google to have a hawk-eye on new potential victims.
Characters in the infected URLs are made to look like the ones in the real links.
In fact, if we check the latest records, then the scams using the technologies like honeypot accounts and Unicode letters have tremendously increased.
Previously, these scammers use to replace URLs to legitimate sites with the infected sources created by them. Moreover, the Characters in the infected URLs are made to look like the ones in the real links. Once the target enters the fake website and gives away their login information, their assets come closer to being under the control of the scammer, who eventually drains them of their wallet.
Pokemon Go September 2022 Events: Legendary Raids, Spotlight Hours, and More
Megha Gupta is one of the leading writers of techzimo.com. She is working on Tech Zimo for the last 4 years, Apart from a writing job, she is a professional lecturer in a technology university, Know more about her here on Facebook.