Crypto mining malware has invaded hundreds of thousands of computers globally. The malware has been operating since 2019, and it has been using PCs to mine the Monero (XMR) privacy coin.
Check Point Research published a report on Monday detailing the activities of a crypto mining malware that has gone undetected for years. The malware has avoided detection because of its design: it is installed only weeks after the initial software has been downloaded to the PC.
The malware in question is linked to a Turkish-speaking software developer claiming to provide secure and free software. The malware program invades PCs using fake desktop versions of leading apps like YouTube Music, Microsoft Translate, and Google Translate.
The malware installation is triggered by a scheduled task mechanism. The installation takes several days, after which the sneaky Monero crypto mining operation starts. The report said that the crypto mining malware had infected PCs in 11 countries.
Check Point Research also said that the malware had created forgeries of leading software download sites such as Uptodown and Softpedia. The programs were downloaded hundreds of thousands of times. The forged desktop version of Google Translate on Softpedia has around a thousand reviews and a rating of 9.3 out of 10.
Malware design helps to avoid detection
The malware in question has been hard to detect. Even after the PC user launches the fake software, they cannot detect anything wrong because the fake apps will provide the same functions the legitimate apps offer.
Most of the programs run by the hacker can be easily created from the official web pages through a Chromium-based framework. This allows the hacker to offer functional programs loaded with the malware without developing them from scratch.
More than a hundred thousand people across 11 countries have fallen prey to this malware. The countries affected include the United States, the United Kingdom, Sri Lanka, Cyprus, Australia, Greece, Turkey, Germany, and Mongolia.
PC users have been given several security tips that they can use to avoid falling victim to this and similar malware. These tips include looking out for fake domain names, website spelling errors, and emails sent from unfamiliar sources.
Users are also advised to download software only from authorized locations, vendors, and known publishers. One should also ensure that endpoint security is up to date and provides comprehensive oversight.