Sunday, December 4

“Spider-man: No Way Home” torrent hides cryptocurrency mining malware

Cyber ​​attackers are taking advantage of the great popularity of the new Marvel movie “Spider-man: No Way Home”, To spread crypto-mining malware on its victims’ computers. The malicious software would be hidden in an unauthorized download of the film on torrent, revealed the cybersecurity company Reason Lab.

The researchers gave the alert via the official blog of the company, last week. According to the report, they detected a Monero (XRM) mining software that had been attached to a copy of “Spider-Man: No Way Home”, corresponding to a Russian torrent.

«The file is identified as ‘spiderman_net_putidomoi.torrent.exe‘, which is translated from Russian as’spiderman_no_wayhome.torrent.exe‘. Most likely the source of the file is from a Russian torrent website, “says the report.

Reason Labs explained that it is common for attackers to use trending topics to capture as many victims as possible. The “hype»Caused by the film“Spider-man: No Way Home”, Which has collected more than a billion dollars in its first two weeks, make it a promising tool in the strategy of cybercriminals.

The researchers point out that the attackers went to great lengths to disguise the malware using “legitimate” names to go unnoticed by antivirus, and even visually reviewing the code. In this case, the malware impersonates Google files and also disables Windows Defender features.

Although the report clarifies that the malware does not compromise the personal information of the victims, it does visibly affect the performance of the computers, due to the high CPU consumption required by the mining software. Also, “the damage a miner causes can be seen in the user’s electricity bill,” Reason Labs notes.

Cryptojacking skyrocketed in 2021 along with price growth

Malware dedicated to installing unauthorized cryptocurrency mining software, known as “cryptojackers,” allows the cybercriminal to secretly use their victim’s computer to mine, severely affecting its performance. Is calculated that the loading speed of applications can be reduced by between 5 and 10, when affected by cryptojacking.

One report mid-year 2021 of the European Union Cybersecurity Agency (ENISA), already reported a record growth of cryptojacking attacks. As in the case of the infected copy of “Spider-man: No Way Home”, Monero, a privacy-focused cryptocurrency, is the favorite of cybercriminals in up to 35% of these malware.

The aforementioned report notes that the closure of Coinhive in March 2019 contributed to a decline in cryptojacking attacks, but in 2020 they rebounded again, coinciding with the bullish rally in the cryptocurrency market. The increase stood at 117% in the first quarter of the year, although a report October speaks of the figures quadrupled compared to 2020.