Cybersecurity firm ReasonLabs has reported hidden Monero mining malware in pirated copies of the latest Spider-Man movie.
ReasonLabs warned that users trying to download illegal copies of the movie “Spider-Man: No Way Home” from torrent sites may end up downloading the infected file “spiderman_net_putidomoi.torrent.exe”. Given the name of the file, ReasonLabs believes that its source “is most likely a Russian torrent tracker.”
According to the firm's researchers, once the malware is on the victim’s device, it adds its files to the exclusions of the built-in Windows Defender antivirus. Next, two new files, Sihost64.exe and WR64.exe, are launched, followed by the XMRig miner, which mines Monero.
ReasonLabs points out that even if a malicious program does not steal personal information, it is still dangerous for the device and harms the user. Mining increases the load on the central processor, which slows the device down. This can lead to overheating and damage to the equipment. In addition, hidden mining increases power consumption.
ReasonLabs recommends that you “take extra care when downloading any content from unofficial sources.” Malware can be hidden in a document attached to an email from an unknown sender, in a cracked program from a suspicious site, or in a file from a torrent tracker.
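The behaviour described above (an executable disguised with a double extension, a Windows Defender exclusion, then the launch of Sihost64.exe and WR64.exe) can be checked for in endpoint telemetry. The following triage script is an added example, not ReasonLabs' code; the event format, the directory paths and the list of decoy extensions are assumptions made for illustration, and only the three file names come from the report.

```python
import ntpath

# Dropped file names taken from the report quoted above.
REPORTED_NAMES = {"sihost64.exe", "wr64.exe"}
# Assumed list: inner extensions that make an executable look like media or a document.
DECOY_EXTS = {".torrent", ".pdf", ".doc", ".docx", ".mp4", ".mkv", ".avi", ".jpg", ".txt"}
EXEC_EXTS = {".exe", ".scr", ".com", ".bat"}

def is_masquerading(name):
    """True for names such as movie.torrent.exe: decoy extension, then an executable one."""
    stem, ext = ntpath.splitext(name.lower())
    return ext in EXEC_EXTS and ntpath.splitext(stem)[1] in DECOY_EXTS

def triage(events):
    """Return (time, reason, image) findings for a time-ordered list of event dicts."""
    excluded, findings = [], []
    for ev in events:
        if ev["type"] == "exclusion_added":
            # Remember every path added to the Defender exclusion list.
            excluded.append(ev["path"].lower().rstrip("\\"))
            continue
        if ev["type"] != "process_start":
            continue
        image, low = ev["image"], ev["image"].lower()
        name = ntpath.basename(low)
        if is_masquerading(name):
            findings.append((ev["time"], "double extension", image))
        if any(low.startswith(p + "\\") for p in excluded):
            findings.append((ev["time"], "runs from Defender-excluded path", image))
        if name in REPORTED_NAMES:
            findings.append((ev["time"], "file name from report", image))
    return findings

# Constructed sample events; the directories are placeholders, not values from the report.
SAMPLE_EVENTS = [
    {"time": "10:00:01", "type": "process_start", "image": r"C:\Users\u\Downloads\spiderman_net_putidomoi.torrent.exe"},
    {"time": "10:00:05", "type": "exclusion_added", "path": r"C:\Users\u\AppData\Roaming\Example"},
    {"time": "10:00:09", "type": "process_start", "image": r"C:\Users\u\AppData\Roaming\Example\Sihost64.exe"},
    {"time": "10:00:12", "type": "process_start", "image": r"C:\Users\u\AppData\Roaming\Example\WR64.exe"},
    {"time": "10:05:00", "type": "process_start", "image": r"C:\Windows\System32\notepad.exe"},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(*finding, sep=" | ")
```

A file name alone is a weak indicator because it is trivial to change; a process starting from a path that was only just excluded from scanning is the more durable signal.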
Recall that this year Google has declared a real war on “Russian hackers”. Earlier this month, the corporation filed a lawsuit against the founders of Glupteba Enterprise, Dmitry Starovikov and Alexander Filippov, accusing them of cryptojacking and data theft. The lawsuit says they operated a botnet that used the Bitcoin blockchain.
Last month, the Google Threat Analysis team announced a series of phishing attacks on YouTube channels. The company attributes the attacks to hackers recruited on Russian-language forums. Russian-speaking hackers have hacked YouTube channels for cryptocurrency scams, analysts said.