Cybersecurity researchers have discovered a dangerous strain of crypto-mining malware, which has made its way onto Windows devices across the globe.
As detailed in a report (opens in new tab) from security firm Check Point, the malware is smuggled inside various legitimate-looking applications distributed via online marketplaces, including one disguised as an official Google Translate client.
Once downloaded, the apps delay the installation of malicious componentry for up to a month, in an attempt to evade antivirus and endpoint protection filters. Apparently, this technique has allowed the operation to go undetected for years.
Avoiding malware infection
Although cryptominers are not typically designed to steal data or encrypt files, like ransomware, an infection can create issues of a different kind for victims.
In addition to hindering device performance, because CPU resources are set aside for mining activity, an infection can also drive a material increase in energy consumption, which could prove particularly expensive in the current climate.
In this instance, the malware is concealed within multiple legitimate-looking applications listed on Softpedia, a repository of free software, under the author name Nitrokod Inc. TechRadar Pro has asked both Softpedia and Nitrokod for comment.
Due to the length of time the campaign has been active, some of the rigged programs have been downloaded by upwards of 100,000 people, the report states. And courtesy of multiple evasion techniques, including spacing out activity and establishing a firewall exclusion, the cryptominer is able to conduct its business without raising any alarms.
To guard against malware of this kind, web users are advised to download applications exclusively from reputable marketplaces, like Google Play or the Windows Store. Equally, although some strains are capable of side-stepping security services, installing a leading antivirus solution will increase the likelihood of catching an infection.
English
Arabic
Belarusian
Bengali
Bosnian
Bulgarian
Chinese (Simplified)
Croatian
Czech
Danish
Dutch
Estonian
Filipino
Finnish
French
Georgian
German
Greek
Gujarati
Hausa
Hebrew
Hindi
Hmong
Hungarian
Igbo
Indonesian
Italian
Japanese
Javanese
Kazakh
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Macedonian
Malagasy
Norwegian
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Thai
Turkish
Ukrainian
Vietnamese
Yoruba