The malware is activated just weeks after installation and also deftly bypasses Windows Defender.
Nowadays, cryptocurrency mining is nowhere near as good a business as it used to be, which is why enthusiastic farmers are now They divorced en masse of their devices used for this purpose. However, the cost-benefit ratio shows a completely different picture if you use other people’s computers instead.
This was also attempted by a Turkish hacker who created encryption malware hidden in a free Windows application, which generates money for the perpetrator without the knowledge of unwary users.
The virus is hiding in the Google Translate desktop app called “Nitrokod Inc.” It works under the name of a developer whose name is one of these programs has been updated, with more than 113,000 people already downloading it. The malware was discovered by the analysis company Check Point Research, From the report, it is clear thatwe are dealing with a very difficult program.
After installation, the program called “Google Translate Desktop” works exactly as expected, and the encryption itself starts with a delay of only one month, after the program has already removed traces of the malware download and added itself to Windows Defender exceptions, avoiding alerting the operating system.
This way, the program can mine cryptocurrency unnoticed, and even if regular users notice the resulting performance drop, they will likely never find out what’s going on in the background. The case shows that it is worth being careful with portals offering free software, among which the Nitrokod virus is listed in several places under the “100% clean” banners, and it can be downloaded without a hitch at the time of writing our article.
