Bbabo NET

Science & Technology News

Virus miner embedded in Yandex Translate and Google Translate has already infected more than 100,000 computers

Information security specialists from Check Point Research (CPR) have discovered Nitrokod malware, which secretly penetrates computers under the guise of legitimate programs like Yandex Translate and Google Translate and mines cryptocurrencies on infected devices.

It is noted that Turkish hackers operating since 2019 are behind the development of the virus. Over several years of work, their virus miner managed to infect 111 thousand devices from 11 different countries.

Nitrokod is distributed through free Windows software repositories like Softpedia and Uptodown. The virus is loaded on them mainly under the guise of translators from Google, Yandex and Microsoft. In addition, CPR found samples of Nitrokod in programs masquerading as YouTube Music, MP3 Download Manager and PC Auto Shutdown.

One of the biggest problems in detecting Nitrokod is that its malicious features do not activate immediately, but weeks after installation. Until then, host programs perform only legitimate functions.

Virus miner embedded in Yandex Translate and Google Translate has already infected more than 100,000 computers