September 26, 2022
Nitrokod A Turkish-based malware campaign, called Nitrokod, has infected thousands of machines with cryptomining malware. And oddly enough, Nitrokod spreads this malware through unofficial desktop versions of popular web apps, such as Google Translate. The malware scheme was detected by Check Point XDR and publicized by Check Point Research. Essentially, Nitrokod distributes free software versions of Google…

Nitrokod

A Turkish-based malware campaign, called Nitrokod, has infected thousands of machines with cryptomining malware. And oddly enough, Nitrokod spreads this malware through unofficial desktop versions of popular web apps, such as Google Translate.

The malware scheme was detected by Check Point XDR and publicized by Check Point Research. Essentially, Nitrokod distributes free software versions of Google Translate, Microsoft Translate, and various MP3 downloaders. These applications contain a timebomb—they slowly install encrypted RAR archives that contain the building blocks for a cryptominer.

By the time this cryptominer is installed on your PC, all evidence of wrongdoing is erased. Plus,  the malware’s file location is whitelisted by Windows Defender. This process can take months, but in the end, hackers will utilize your system resources to mine cryptocurrency.

Nitrokod’s software is available on platforms like Softpedia and uptodown. And if you search for “Google Translate desktop app,” Nitrokod occupies the first few results. Check Point Research believes that NitroKod began spreading malware way back in 2019.

To create its software, NitroKod hackers simply take a Chromium app framework and force it to display an embedded version of a webpage. These hackers aren’t…

Read Full Article Source

Leave a Reply

Your email address will not be published.