The sophistication of the methods bad actors employ to trick people is unmatched. One such method is to mine cryptocurrency by abusing a desktop computer's processing capacity, in most cases an anonymity-focused coin such as Monero (XMR). As the cybersecurity firm Check Point Research (CPR) has just shown, this behavior can go unnoticed for a long time. All of this is possible simply by downloading well-known programs like Google Translate.
Whether it is called cryptojacking or cryptomining, the outcome is the same: a portion of a private computer's processing power is held hostage in order to covertly mine cryptocurrency. The activity may be noticed through a marked slowdown of the desktop machine. However, certain variants are skilled at hiding their presence even further, for example by delaying their deployment for a few weeks after the Trojan horse has been downloaded. They can even pose as well-known applications that are promoted as being secure and verified.
Over 100,000 PCs infected with Nitrokod in 11 countries.
This disclosure comes from Check Point Research (CPR), a cybersecurity business. It expressly names a Turkish-speaking software vendor that has been operating since 2019. The vendor promises, of course, that it provides "free and safe software." Instead, it reportedly distributes malicious copies of well-known programs such as Google Translate, an MP3 Download Manager, or even a version of YouTube Music presented as a desktop application. The latter was laced with a Trojan horse designed to mine the cryptocurrency Monero (XMR).
The cryptomining software installed this way goes by the name Nitrokod. More than 112,000 machines in 11 different countries are presently infected, according to statistics from Check Point Research (CPR). This is because the aforementioned programs are available on marketplaces such as Softpedia and Uptodown, sometimes with bizarre ratings, as in the case of Google Translate's desktop version, which displays an impossible 9.3 despite the fact that Google did not create this version.
Israel, Germany, the United Kingdom, the United States, Sri Lanka, Cyprus, Australia, Greece, Turkey, Mongolia, and Poland are the nations most severely impacted. The unique feature of this Nitrokod variant is its capacity to delay the start of the Monero mining operation for a number of days. As a result, the victims, whose computers have in some cases been infected for months or even years, suspect nothing.