Cybersecurity researchers have discovered dangerous cryptomining malicious software that has made its way onto Windows devices worldwide.
As detailed in a report from security firm Check Point, the malware was smuggled into various legitimate-looking apps distributed through online marketplaces, including one disguised as the official Google Translate client.
Once downloaded, the apps delay the installation of malicious components for up to a month in an attempt to evade antivirus software and endpoint protection filters. Apparently, this technique kept the operation undiscovered for years.
Avoid Malware Infections
Although cryptominers are generally not designed to steal data or encrypt files, as ransomware is, the infection can cause different types of problems for the victim.
In addition to hindering device performance, infections can also cause a substantial increase in energy consumption, which can be particularly expensive in the current environment, as CPU resources are reserved for mining activities.
In this case, the malware was hidden in multiple legitimate-looking applications authored by Nitrokod Inc. and listed on Softpedia, a free software repository. TechRadar Pro has sought comment from Softpedia and Nitrokod.
Due to the length of the campaign, some of the manipulated programs have been downloaded by more than 100,000 people, the report states. And thanks to a variety of evasion techniques, including spacing out activity and setting up a firewall exclusion, the cryptominers are able to go about their business without raising any alarms.
To protect against such malware, web users are advised to download applications only from well-known marketplaces such as Google Play or the Windows Store. Also, while some strains are able to evade security services, installing a leading antivirus solution will reduce the likelihood of infection.