Spider-Man: No Way Home Leaks Targeted by Monero-Mining Malware (Report)

It appears that hackers are finding new avenues to exploit unsuspecting victims and take advantage of their computing power. This time, the primary lure is leaks of the new Spider-Man: No Way Home movie.

Spider-Man: No Way Home premiered in the US on December 17th, 2021, merely a week ago.
In that short time, it has already become the third-most successful movie of the year, according to box office statistics.
Data from Box Office Mojo shows that it’s the top-grossing movie in 2021, raking in over $350 million during its premiere week alone.
Naturally, a movie so popular would also create an off-the-books demand for leaked releases on the Internet, most commonly in the form of torrent downloads.
New research, however, reveals that it’s these releases that have been heavily targeted by hackers.
The study concludes that hackers have been placing Monero miners in torrent downloads of the new movie.
For those unaware, malware is a piece of code that’s not part of the publisher’s intent and is designed to run various processes in the background without the user’s knowledge and consent.
In this case, the miner would also add exclusions for Windows Defender, spawn a watchdog process to keep itself running, and establish persistence.

Per the research:

The malware tries to stay away from examining eyes, by using ‘legitimate’ names for the files and processes that it creates; for example, it claims to be by Google and drops files with names like sihost64.exe, and injects to svchost.exe.
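
As an added illustration (not code from the research or from this article), the behaviours described above can be turned into triage rules over process-creation events. The event fields and sample events are constructed, and two points are assumptions the article does not state: that exclusions are added through the `Add-MpPreference`/`Set-MpPreference` cmdlets, and that an injected svchost.exe shows an unusual parent process.

```python
import re
from pathlib import PureWindowsPath

SYSTEM_DIRS = {PureWindowsPath(r"C:\Windows\System32"), PureWindowsPath(r"C:\Windows\SysWOW64")}
SYSTEM_NAMES = {"svchost.exe", "sihost.exe"}  # genuine Windows binaries
LOOKALIKES = {"sihost64.exe"}                 # file name quoted from the research
# Assumption: exclusions are added with the Defender PowerShell cmdlets.
EXCLUSION_RE = re.compile(
    r"\b(?:Add|Set)-MpPreference\b.*-Exclusion(?:Path|Extension|Process)\b", re.I)

# Constructed process-creation events, not real telemetry.
EVENTS = [
    {"image": r"C:\Windows\System32\sihost.exe",
     "parent": r"C:\Windows\System32\svchost.exe", "cmd": "sihost.exe"},
    {"image": r"C:\Users\demo\AppData\Roaming\Google\sihost64.exe",
     "parent": r"C:\Users\demo\Downloads\movie_leak.exe", "cmd": "sihost64.exe"},
    {"image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent": r"C:\Users\demo\Downloads\movie_leak.exe",
     "cmd": r"powershell.exe -Command Add-MpPreference -ExclusionPath C:\Users\demo\AppData"},
    {"image": r"C:\Windows\System32\svchost.exe",
     "parent": r"C:\Users\demo\AppData\Roaming\Google\sihost64.exe",
     "cmd": "svchost.exe -k netsvcs"},
    {"image": r"C:\Windows\System32\svchost.exe",
     "parent": r"C:\Windows\System32\services.exe", "cmd": "svchost.exe -k netsvcs"},
]

def triage(event):
    """Return the list of findings for one process-creation event."""
    image = PureWindowsPath(event["image"])
    parent = PureWindowsPath(event["parent"])
    name = image.name.lower()
    findings = []
    if name in LOOKALIKES:
        findings.append("lookalike_name")
    if name in SYSTEM_NAMES and image.parent not in SYSTEM_DIRS:
        findings.append("system_name_outside_system_dir")
    # Heuristic: genuine svchost.exe instances are started by services.exe.
    if name == "svchost.exe" and parent.name.lower() != "services.exe":
        findings.append("svchost_unexpected_parent")
    if EXCLUSION_RE.search(event["cmd"]):
        findings.append("defender_exclusion_added")
    return findings

def scan(events):
    """Map event index to findings, keeping only events that raised any."""
    return {i: f for i, e in enumerate(events) if (f := triage(e))}

if __name__ == "__main__":
    for index, findings in scan(EVENTS).items():
        print(index, EVENTS[index]["image"], findings)
```
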

Somewhat expectedly, Monero has been the cryptocurrency of choice for hackers, supposedly because of its enhanced privacy features.
XMR is also the coin that black-hats prefer when it comes to ransomware demands. As CryptoPotato reported earlier this year, someone demanded $100 million in XMR from the computer giant Acer after installing ransomware on its systems.
