Crypto-mining malware has stealthily infected hundreds of thousands of computers around the world. New Research This software is often disguised as a legitimate program, for example, the Google Translate app.
Been on the radar for years
An Aug. 29 research report from cyber-security firm Check Point Research (CPR) says malware can stay under the radar for years. Thanks in part to the unique design of the apps, it seems to work well on the surface. However, if you dive into the code of, for example, the ‘Google Translate app’ in question, you’ll quickly discover that there’s a lot more going on behind the scenes.
The apps design is so good that the mining software is activated a few weeks after the initial installation of the app. It makes it even harder to determine if your computer is slowing down because it’s been running without problems for weeks. Once the installation of the mining software starts, the program will go through all the steps in a few days. Eventually, a well-hidden Monero miner will run on your computer.
Computers in 11 countries were affected
The software, which goes by the name ‘Nitrocode’, is active in 11 different countries, the cyber-security firm said. Some programs have been downloaded several hundred thousand times. For example, the Google Translate Desktop app on Softpedia has almost a thousand reviews with an average score of 9.3/10. Notably, Google doesn’t even have an official desktop app for Google Translate.
According to Check Point Research, a cyber-security firm, offering apps in desktop versions is a key area of fraud. Most programs offered by Nitrokod do not have a desktop version. This makes unsuspecting users think they have found an amazing program that is not available anywhere else. “What’s really interesting to me about this issue is that these apps are so popular, but at the same time have been under the radar for so long.” Thus Maya Horowitz of Checkpoint Research.
112,000 computers fall prey to malware
So far, more than 112,000 computers have fallen prey to the Nitrokod malware. They are from Israel, Germany, England, USA, Sri Lanka, Cyprus, Australia, Greece, Turkey, Mongolia and Poland. However, the Dutch are also more likely to have software on their computer. Check Point Research has discovered software, but the full ‘damage picture’ is unlikely to be immediately mapped.
Here are some simple tips from Maya Horowitz to avoid falling victim to this type of scam. “Be aware of websites that look like an official website, always check the domain name, and don’t open emails from senders you don’t recognize. “Only download software from authorized parties, reputable vendors, and make sure your anti-virus software is always up-to-date,” Horowitz said of ways to avoid this scam.
Through this investigation, Check Point Research has unmasked a group of fraudsters, but many other schemes are likely to live under the radar. This case shows once again that the Internet is not necessarily a safe place and that it is important to invest time in good security.
