

"Most of their developed programs are easily built from the official web pages using a Chromium-based framework," he wrote. "For example, the Google translate desktop application is converted from the Google Translate web page using the CEF project. This gives the attackers the ability to spread functional programs without having to develop them."

After the booby-trapped program is downloaded and the user launches the software, an actual Google Translate app, built as described above using Chromium, is installed and runs as expected. At the same time, quietly in the background the software fetches and saves a series of executables that eventually schedule one particular. This extracts another executable that connects to a remote command-and-control server, fetches configuration settings for the Monero miner code, and starts the mining process, with generated coins sent to miscreants' wallets.

Nitrokod has been successful using download sites such as Softpedia to spread its naughty code. According to Softpedia, the Nitrokod Google Translator app has been downloaded more than 112,000 times since December 2019.

Along with Google Translate, other software leveraged by Nitrokod includes other translation applications – including Microsoft Translator Desktop – and MP3 downloader programs. On some sites, the malicious applications will boast about being "100% clean," though they are actually loaded with mining malware.

According to Check Point, the Nitrokod programmers are patient, taking a long time and multiple steps to cover up the malware's presence inside an infected PC before installing aggressive cryptomining code. Such lengthy, multi-stage infection efforts allowed the campaign to run undetected by cybersecurity experts for years before finally being discovered.

"The malware drops almost a month after the infection, and following other stages to drop files, making it very hard to analyze back to the initial stage."
