Fake Google Translate Malware Infects 100K PCs With Monero (XMR) Crypto Mining Software

A Turkish-based cryptocurrency malware called ‘Nitrokod’ has infected over 100,000 personal computers across 11 countries.

What Happened: new report from cybersecurity firm Check Point Research found that a malware application disguised as popular desktop applications has been making its way across the globe, largely undetected since 2019.

The application portrays itself as legitimate software like Alphabet Inc’s GOOGL GOOG Google Translate and YouTube Music or Microsoft Corporation’s MSFT Microsoft Translate.

After being installed on a user’s desktop, the trojanized malware unleashes a multi-stage infection that ends with crypto mining malware. To avoid detection, the malware is first executed only a month after Nitrokod is first installed, found the security researchers.

“The infection chain continued after a long delay using a scheduled task mechanism, giving the attackers time to clear the evidence,” said Check Point Research.

The cryptocurrency miner is installed on personal devices in stage 6 of the infection process. The miner installed corresponds to the privacy coin Monero XMR/USD.

Unlike Bitcoin BTC/USD and Ethereum ETH/USD, Monero uses cryptography to shield the sender’s and receiver’s addresses and the amount transacted.


Price Action: At press time, XMR was trading at $150, up 0.27% over the last 24 hours, as per data from Benzinga Pro. Meanwhile, BTC was trading at $20,082, up 1.2% in 24 hours and ETH was trading at $1,557, up 1.8% over the same period.

Market News and Data brought to you by Benzinga APIs
Posted In: CryptocurrencyNewsMarketsBitcoinmalwaremoneroNitrokod
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!