Date: 2022-08-31

A Turkey-based malware campaign known as Nitrokod has infected tens of thousands of computers with crypto mining software. Surprisingly, Nitrokod spreads this malware through unauthorized desktop versions of popular web applications, such as Google Translate.

Check Point XDR and Check Point Research discovered the malware technique and made it public. Nitrokod primarily provides free software versions of Google Translate, Microsoft Translate, and a variety of MP3 downloaders. These programs include a time bomb; they progressively install encrypted RAR archives that contain the components of a cryptocurrency miner.

Beware! Nitrokod Malware Attacks Crypto Miners Via Google Translate

Furthermore, once the crypto miner is installed on your computer, all traces of phishing are removed. In addition, the malicious file's location is added to Windows Defender's whitelist. The process might take months, but ultimately the hackers use your system's resources to mine cryptocurrencies.
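Because the miner's file location ends up on Windows Defender's whitelist, auditing that list is a practical check on a suspected machine. The script below is an added example, not from the article or from Check Point; the set of directories it treats as user-writable is an assumption made for triage.

```powershell
# Added example: list Microsoft Defender exclusions and mark the ones worth a manual look.
# Run from an elevated PowerShell prompt; without elevation Defender may mask the values.

# Assumption: these per-user or world-writable roots are where an unexpected exclusion
# deserves review. Adjust the list to your environment.
$writableRoots = @(
    $env:ProgramData, $env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:PUBLIC
) | Where-Object { $_ } | ForEach-Object { $_.TrimEnd('\') }

function Test-UnderWritableRoot {
    param([string]$Path)
    # Exclusions can be stored with %VAR% placeholders, so expand them before comparing.
    $expanded = [Environment]::ExpandEnvironmentVariables($Path).TrimEnd('\') + '\'
    foreach ($root in $writableRoots) {
        if ($expanded.StartsWith($root + '\', [StringComparison]::OrdinalIgnoreCase)) {
            return $true
        }
    }
    return $false
}

$pref = Get-MpPreference
$findings = foreach ($kind in 'ExclusionPath', 'ExclusionProcess', 'ExclusionExtension') {
    foreach ($value in @($pref.$kind)) {
        if ([string]::IsNullOrWhiteSpace($value)) { continue }
        if ($value -like 'N/A:*') {
            # Non-elevated sessions get a placeholder string instead of the real entries.
            Write-Warning "$kind is hidden; rerun elevated to read exclusions."
            continue
        }
        [pscustomobject]@{
            Kind        = $kind
            Value       = $value
            # Extension exclusions are not paths, so each one is flagged for manual review.
            NeedsReview = ($kind -eq 'ExclusionExtension') -or (Test-UnderWritableRoot $value)
        }
    }
}

$findings | Sort-Object NeedsReview -Descending | Format-Table -AutoSize
```

Any flagged entry that nobody in the organization can account for should be removed with `Remove-MpPreference` once the excluded file or folder has been examined.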

Nitrokod's software is available on sites such as Softpedia and Uptodown. If you search for the “Google Translate desktop application,” Nitrokod is among the top results. According to Check Point Research, Nitrokod began distributing malware in 2019.

To construct their programs, the hackers behind Nitrokod take a Chromium app framework and force it to show an embedded version of a website. Although these hackers do not construct programs from scratch, they may have created (or modified) the script that automatically installs malware.

We recommend avoiding third-party versions of common web services. If an app is labeled as “100% clean” or uses any other questionable language, avoid it entirely. Those impacted by this malware should delete any linked software.

