A Turkish-based cryptocurrency malware called Nitrokod has infected over 100,000 personal computers across 11 countries.
What Happened:Anew reportfrom cybersecurity firm Check Point Research found that a malware application disguised as popular desktop applications has been making its way across the globe, largely undetected since 2019.
.@_CPResearch_ detected a #crypto miner #malware campaign, which potentially infected thousands of machines worldwide. Dubbed Nitrokod, the attack was initially found by Check Point XDR. Get the details, here: https://t.co/MeaLP3nh97 #cryptocurrecy #TechnologyNews #CyberSec pic.twitter.com/ANoeI7FZ1O Check Point Software (@CheckPointSW) August 29, 2022
The application portrays itself as legitimate software likeAlphabet IncsGOOGL GOOG Google Translate and YouTube Music orMicrosoft CorporationsMSFT Microsoft Translate.
After being installed on a users desktop, the trojanized malware unleashes a multi-stage infection that ends with crypto mining malware. To avoid detection, the malware is first executed only a month after Nitrokod is first installed, found the security researchers.
The infection chain continued after a long delay using a scheduled task mechanism, giving the attackers time to clear the evidence, said Check Point Research.
The cryptocurrency miner is installed on personal devices in stage 6 of the infection process. The miner installed corresponds to the privacy coinMoneroXMR/USD .
UnlikeBitcoinBTC/USD andEthereumETH/USD , Monero uses cryptography to shield the senders and receivers addresses and the amount transacted.
See Also:IS MONERO SAFE?
Price Action:At press time, XMR was trading at $150, up 0.27% over the last 24 hours, as per data fromBenzinga Pro. Meanwhile, BTC was trading at $20,082, up 1.2% in 24 hours and ETH was trading at $1,557, up 1.8% over the same period.
