Users have been alerted to fraudulent versions of well-known Google applications including Google Translate, YouTube Music, and Microsoft Translate that propagate malware for mining Monero. According to reports, a horrifying malware campaign has been activated and is already targeting users with bogus apps that mimic well-known Google programs.
According to Check Point Research (CPR), the research division of American-Israeli cybersecurity business Check Point Software Technologies, the virus has infected thousands of machines worldwide. Since 2019, machines in 11 nations have been infected by the “Nitrokod” Monero mining virus, according to the research team.
SEE ALSO: Leaked! This Live Video Shows How iPhone 14 Pro Dual Notch Will Work
The research team detailed malware assaults using phony desktop apps for well-known Google programs including Google Translate, YouTube Music, and Microsoft Translate. Numerous free software download portals, like Softpedia and Uptodown, provide these phony programs for download.
The investigation was carried out by the research team using a phony Google Translate desktop application. According to the study team, the majority of the products Nitrokod offers are well-known programs without an official desktop version. For instance, the desktop version of Google Translate is the most used Nitrokod application. Because Google hasn’t made a desktop version available, the attackers’ version is quite tempting.
The report also points out that the malware campaign’s operating methods have kept it from being discovered up until now. Instead of launching an assault immediately after the first software download, the virus uses a scheduled task mechanism to spread out the malware installation over a number of days and remove any evidence of its previous operation.
SEE ALSO: Apple iPhone 15 Pro To Be The Most Powerful Phone Of 2023; Here’s Why
Surprisingly, the hackers use a Chromium-based framework to propagate functioning applications while creating phony apps from the legitimate web pages of the original source. By using their CPU to mine Monero (XMR), Check Point estimates that almost 100,000 victims have been infected throughout Israel, Germany, the United Kingdom, the United States, Sri Lanka, Cyprus, Australia, Greece, Turkey, Mongolia, and Poland.