A torrent download of Spider-Man: No Way Home may contain crypto-malware, warns a cybersecurity company.

Cryptocurrency malware was found in a torrent download of the new movie Spider-Man: No Way Home, according to a Bitcoin.com review. The company highlighted in a note that this miner adds exclusions to Windows Defender, creates persistence, and spawns a watchdog process to maintain its activity.

ReasonLabs issued the warning on Thursday, before Christmas, saying it found cryptocurrency malware in a torrent download of the hit new Spider-Man movie.

ReasonLabs, which provides enterprise-grade cyber protection to users worldwide, noted that attackers must keep up with current affairs to attract as many victims as possible. That is why they use popular topics that everyone knows. The cybersecurity firm indicated:

Malware in Spider-Man

Spider-Man: No Way Home has approached the $1 billion mark at the box office, according to various media reports, making it the highest-grossing film of 2021. The last installment in the Spider-Man series, No Way Home, is the first film released during the Covid-19 pandemic to reach the $1 billion mark.

The firm believes the file likely originated from a Russian torrent website. According to the firm, the miner creates persistence and spawns a watchdog process to keep its activity going.

The malware tries to evade visual inspection by using legitimate-looking names for the files and processes it creates. According to ReasonLabs, the malware claims to be from Google and drops files with names like sihost64.exe and passes them into svchost.exe.

The cybersecurity firm cautioned that the best precaution is to verify that the extension of the downloaded file matches the type of file the user expects to receive.

A movie file must end with .mp4 and not with .exe. The firm added that users who want to see the actual file extension must open a folder, go to ‘View’ and check ‘File name extensions’. This action will ensure that users see the complete file type.
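The extension check described above can be automated. The following Python sketch is an added example, not code from ReasonLabs or the original article; it goes beyond the name check by also reading the file's first bytes, since a Windows executable starts with `MZ` while an MP4 carries `ftyp` at offset 4. The function names, extension lists and sample files are assumptions constructed for illustration.

```python
import tempfile
from pathlib import Path

# Extension lists are illustrative assumptions, not taken from the article.
MEDIA_EXTS = {".mp4", ".mkv"}
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".msi"}

def sniff(header: bytes) -> str:
    """Classify a file by its leading bytes."""
    if header[:2] == b"MZ":
        return "pe"   # DOS/PE header of a Windows executable
    if header[4:8] == b"ftyp":
        return "mp4"  # 'ftyp' box of an MP4 container
    if header[:4] == b"\x1a\x45\xdf\xa3":
        return "mkv"  # EBML magic of a Matroska container
    return "unknown"

def check_download(path: Path) -> list[str]:
    """Return the reasons a supposed movie download looks suspicious."""
    findings = []
    suffixes = [s.lower() for s in path.suffixes]
    ext = suffixes[-1] if suffixes else ""
    with path.open("rb") as fh:
        kind = sniff(fh.read(8))
    if ext in EXEC_EXTS:
        findings.append(f"executable extension {ext}")
        # movie.mp4.exe displays as movie.mp4 when extensions are hidden
        if len(suffixes) > 1 and suffixes[-2] in MEDIA_EXTS:
            findings.append("media extension placed before the real one")
    if kind == "pe" and ext not in EXEC_EXTS:
        findings.append("PE header behind a non-executable extension")
    if ext in MEDIA_EXTS and kind == "unknown":
        findings.append("media extension but no recognised media header")
    return findings

def demo() -> dict[str, list[str]]:
    """Run the check over constructed sample files (not real samples)."""
    samples = {
        "movie.mp4": b"\x00\x00\x00\x18ftypmp42" + b"\x00" * 16,
        "movie.mp4.exe": b"MZ\x90\x00" + b"\x00" * 16,
        "trailer.mp4": b"MZ\x90\x00" + b"\x00" * 16,
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            target = Path(tmp) / name
            target.write_bytes(data)
            results[name] = check_download(target)
    return results
```

Calling `demo()` returns the findings for each constructed file; an empty list means neither the name nor the header raised a flag.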

Insistent Malware

There are many ways in which mining malware tries to trap users. In 2020, it was reported that at least 35,000 computers of Latin American users were infected with Monero mining malware. In December 2019, a photo of singer and actress Taylor Swift was also linked to Monero mining malware.

Also, earlier this month, Google took steps to disrupt a botnet that was leveraging the Bitcoin blockchain to spread malware among thousands of Windows devices.

Glupteba Harmed at Least One Million Computers

According to the report, hackers spread the malware through third-party free download sites that offer pirated videos and games. Unsuspecting users who clicked the download link received a Trojan that infected their computers.

In one of these cases, the attackers even used a fake YouTube video download site to trick victims into installing their malicious code. Once on the computer, the malware hides and attempts to spread to any connected device. Hackers can use the malware to install additional malicious payloads, opening many gateways to steal login credentials.

By: Jenson Nuñez
