April 20, 2024
The presence of cryptocurrency mining malware in some free Windows programs

Cryptocurrency mining malware hidden in some free Windows programs can abuse people's systems.


New malware disguises itself as an MP3 downloader or Google Translate and quietly exploits Windows systems for cryptocurrency mining.


This cryptocurrency mining malware has been detected in 11 countries so far. It disguises itself as legitimate freeware. A report shows that a developer called Nitrokod is behind it.

Although Nitrokod's software appears to be legitimate, Check Point confirmed in a report that these programs delay the installation of malware by up to a month.

The infection chain continues after a long delay using the scheduled task mechanism, giving the threat actors enough time to get rid of any evidence.

According to Digital Trends, after the victim runs any of the infected programs, the original Google Translate app is installed on their system.

This program clears all system logs through PowerShell commands. In addition, by adding system firewall rules, it prevents detection by Windows Defender.

After several weeks, the malware is loaded and then connects to the C&C server to receive the configuration needed to mine the cryptocurrency.

These malicious files allow the program to start the mining process on the targeted personal computers after some time.
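
The behaviours described above (log clearing, a new scheduled task, a new firewall rule) each leave a standard Windows event behind, so a defender can look for hosts where they occur close together. The following is an added example, not code from Check Point or from the original article; the event records are constructed, and the 30-minute window and two-behaviour threshold are assumptions to tune.

```python
from datetime import datetime, timedelta

# Windows event IDs for the behaviours the article describes.
BEHAVIOURS = {
    1102: "log_cleared",    # Security audit log was cleared
    104: "log_cleared",     # An event log (e.g. System) was cleared
    4698: "task_created",   # A scheduled task was created
    4946: "firewall_rule",  # A Windows Firewall exception rule was added
}

# Constructed sample events (host, ISO timestamp, event ID); not real telemetry.
SAMPLE_EVENTS = [
    ("PC-01", "2024-04-02T10:00:05", 4698),
    ("PC-01", "2024-04-02T10:00:40", 4946),
    ("PC-01", "2024-04-02T10:01:10", 1102),
    ("PC-02", "2024-04-02T09:00:00", 4698),  # task only: routine software
    ("PC-03", "2024-04-01T08:00:00", 104),
    ("PC-03", "2024-04-03T08:00:00", 4946),  # two days apart: outside window
]

def correlate(events, window=timedelta(minutes=30), min_behaviours=2):
    """Return {host: sorted behaviours} for hosts where a log clear coincides
    with at least `min_behaviours` distinct behaviours inside `window`."""
    by_host = {}
    for host, ts, event_id in events:
        if event_id in BEHAVIOURS:
            by_host.setdefault(host, []).append(
                (datetime.fromisoformat(ts), BEHAVIOURS[event_id]))
    flagged = {}
    for host, seen in by_host.items():
        seen.sort()
        for i, (start, _) in enumerate(seen):
            # Distinct behaviours observed in the window opening at this event.
            in_window = {b for t, b in seen[i:] if t - start <= window}
            if "log_cleared" in in_window and len(in_window) >= min_behaviours:
                flagged[host] = sorted(in_window)
                break
    return flagged

if __name__ == "__main__":
    for host, behaviours in correlate(SAMPLE_EVENTS).items():
        print(host, behaviours)
```

Because the malware clears logs locally, this correlation is only reliable on events that were forwarded to a central collector before the clearing happened.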

The presence of this malware on popular sites

"Free software download" is a very popular search on Google, and fake Nitrokod programs rank high in search results.

One such website is Softpedia, which has recorded over 112,000 downloads for the developer's Google Translate.

Cryptocurrency mining malware

Cryptomining malware can put a lot of strain on the system because of its impact on the hardware, and it naturally causes the machine to overheat. The computer's overall performance can also suffer in other ways as additional processing resources are consumed.

Because the malware is activated through this software, the threat actor can change it to potentially much more dangerous code. We advise you to always make sure that the source is legitimate before downloading the programs you need.

 

 
