New Windows malware uses a cunning technique to avoid detection

Nasty malware campaign has remained undetected for years

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurity researchers have discovered a dangerous strain of crypto-miningmalware, which has made its way onto Windows devices across the globe.

As detailed in areportfrom security firm Check Point, the malware is smuggled inside various legitimate-looking applications distributed via online marketplaces, including one disguised as an officialGoogleTranslate client.

Once downloaded, the apps delay the installation of malicious componentry for up to a month, in an attempt to evadeantivirusandendpoint protectionfilters. Apparently, this technique has allowed the operation to go undetected for years.

Avoiding malware infection

Although cryptominers are not typically designed to steal data or encrypt files, likeransomware, an infection can create issues of a different kind for victims.

In addition to hindering device performance, because CPU resources are set aside for mining activity, an infection can also drive a material increase in energy consumption, which could prove particularly expensive in the current climate.

In this instance, the malware is concealed within multiple legitimate-looking applications listed on Softpedia, a repository of free software, under the author name Nitrokod Inc.TechRadar Prohas asked both Softpedia and Nitrokod for comment.

Hackers are still abusing Log4j deployments, Microsoft warns>Our list of the best security keys for MFA>LastPass hacked: Should you be worried about your passwords?

Due to the length of time the campaign has been active, some of the rigged programs have been downloaded by upwards of 100,000 people, the report states. And courtesy of multiple evasion techniques, including spacing out activity and establishing afirewallexclusion, the cryptominer is able to conduct its business without raising any alarms.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

To guard against malware of this kind, web users are advised to download applications exclusively from reputable marketplaces, likeGoogle Playor the Windows Store. Equally, although some strains are capable of side-stepping security services, installing a leading antivirus solution will increase the likelihood of catching an infection.

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Windows PCs targeted by new malware hitting a vulnerable driver

Dangerous Android banking malware looks to trick victims with fake money transfers

Latest Google Pixel update includes surprise launch of Android 15’s best battery feature