Cybercriminals came up with a new way of malware to mine cryptocurrencies. Using the advantage of certain apps which do not require installation on browsers, Hackers created a similar malware in the form of the Google Translate app and other programs.
According to the sources, there is a Turkish group behind cybercrime. This group has been infecting users since 2019, in terms of data that is in 11 countries. Check Point Research caught this cybercriminal group in July 2022, which is known as Nitokod.
How Nitrokod Attacks
Nitrokod malware uses such apps and services on the browser, which do not require installation and works only on the Web. Google Translator is the most commonly used application among them. Some secondary services on the list are MP3 download, YoTube Music, and Microsoft Translator.
Check Point said “ the façade programs are built in an easy way: you can convert the Translator from the web to the desktop using the Chromium Embedded Framework, for example. So criminals don’t even have the trouble to develop software.”
Slowly, these malware made their scheme towards trendy sites such as Softpedia. Since 2019, Till now Google Translator Desktop by Nitrokod has been downloaded more than 112,000 times. This is how fast this malware is infecting the users.
Hackers take advantage of harmful versions of popular services and their large amount of searches on browsers. Similarly, fake Google Translator Desktop made it to the top of search results by Google itself.