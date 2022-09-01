For friends who often use translation tools, for the convenience of use, you may have downloaded the desktop version of Google Translate on the Internet. It should be noted that a recent report issued by a foreign IT security organization pointed out that some online “Malicious mining software” disguised as Google Translate desktop and other applications, as long as users install it, it will secretly occupy your computer resources for mining in the background. If you feel that your computer is slow, this is probably the reason.

If you’ve ever downloaded and installed Google Translate for desktop (or any other unofficial web application), it’s probably a miner

A few days ago, IT security organization Check Point Research released a research report on “Detection of Crypto Miner Malware Disguised as Google Translate Desktop and other legitimate applications”. The text stated that they had discovered a previously undisclosed Nitrokod cryptominer. Mining activities, thousands of devices may have been infected around the world.

This mining activity is hidden in useful apps like Google Translate Desktop, Yandex Translator, Microsoft Translate, YouTube Music, MP3 Downloader, and auto-shutdown apps, mostly built with Chromium, and These malicious mining software are also placed on very well-known software download sites abroad: Softpedia and Uptodown:



In addition, it is easy to find relevant results by entering relevant keywords in Google search, such as: Google Translate desktop version download. At present, the official has not launched its own desktop version, so most of the top rankings may be malicious digging by Nitrokod. Mining software version, and for users who do not understand computers very well, there is a chance to install them by mistake.

And you may not feel any problems after installation, because it will indeed provide relevant functions, and it will not appear any suspicious behavior (such as: mining) at the first time, and will wait for the user to restart the system within four days at least four It will start running only once, which means waiting for several weeks. The reason for this is mainly to avoid sandbox detection.

In addition, these malicious miners also remove installation traces, making it harder for users to find suspicious activity. If it finds signs that the virtual machine is running, it will not start the mining city, so it is difficult to catch:



So, if you have ever downloaded the desktop version of Google Translate on the Internet, or any other tool that has not officially launched a desktop version, it is best to pay attention, because this is likely to be secretly encrypted, if you can delete it as soon as possible, after deleting It is also recommended to use anti-virus software to scan to avoid any files that slip through the net.

In fact, Chrome and Microsoft Edge browsers have a built-in function to make any website into a desktop version (web application). The operation is very simple. If you don’t know, we have written a tutorial before, if you need people can click me to read:

