Popular unofficial desktop version of Google Translate contains malware, researchers say

If you’re using an unofficial desktop version of Google Translate, you may want to run a quick antivirus scan on your computer.

A popular application allowing users to access Google Translate directly from their desktop (as opposed to their browser) has turned out to be a “crypto miner malware campaign” that’s affected thousands of users across at least 11 countries. While Google does not have an official desktop version of Google Translate, there are some unofficial Google Translate desktop applications that have gained traction — one, from the Turkey-based Nitrokod, dropped malware on users’ computers for years, completely undetected. 

“After the initial software installation, the attackers delayed the infection process for weeks and deleted traces from the original installation,” reads a blog post from Check Point Research, which discovered the malware and reported their findings earlier this week. “This allowed the campaign to successfully operate under the radar for years.”

According to Check Point Research, Nitrokod has been active since 2019, and operates several other unofficial desktop applications for popular programs like Yandex Translate and Youtube Music. The Google Translate app was Nitrokod’s most popular.

As the researchers note, Nitrokod was able to go under the radar and remain unnoticed, despite relative popularity because the app would take months to actually have a real effect. Additionally, the apps are fully functional, so unsuspecting users would have nothing to worry about.

“The malware drops almost a month after the infection, and following other stages to drop files, making it very hard to analyze back to the initial stage,” CPR’s blog post reads. As CPR notes, once the malware has been executed, the user’s machine is utilized to begin mining cryptocurrency.

While Google does have an iOS app for iPhone users to access Google Translate from their phone, it does not have a desktop application. Users are recommended to access the platform via Google’s website or by using a browser extension.

RELATED ARTICLES

Andrew Warner
Andrew Warner is a writer from Sacramento. He received his B.A. in linguistics and English from UCLA and is currently working toward an M.A. in applied linguistics at Columbia University. His writing has been published in Language Magazine, Sactown Magazine, and The Takeout.

Weekly Digest

Subscribe to stay updated