Spider-Man: No Way Home Leaks Targeted by Monero-Mining Malware (Report)

It appears that hackers are finding new avenues to exploit non-suspecting victims and take advantage of their computing power. This time, the primary tool to use are leaks of the new Spide-Man: No Way Home movie.

• Spider-Man: No Way Home premiered on December 17th, 2021 – merely a week ago, in the US.
• For the short time being, it has already become the third-most successful movie of the year, according to box office statistics.
• Data from Box Office Mojo shows that it’s the top-grossing movie in 2021, raking in over $350 million during its premiere week alone.
• Naturally, a movie so popular would also create an off-the-books demand for leaked releases on the Internet, most commonly – in the form of torrent downloads.
• New research, however, reveals that it’s these releases that have been heavily targeted by hackers.
• The study concludes that hackers have been placing Monero miners in torrent downloads of the new movies.
• For those unaware, malware is a piece of coding that’s not part of the publisher’s intent and is designed to exercise various processes in the background without the user’s knowledge and consent.
• In this case, the miner would also add exclusions for Windows Defender, spawn a watchdog process to upkeep its activity, and create persistence.

Per the research:

The malware tries to stay away from examining eyes, by using ‘legitimate’ names for the files and processes that it creates; for example, it claims to be by Google and drops files with names like sihost64.exe, and injects to svchost.exe.

• Somewhat expectedly, Monero has been the cryptocurrency of choice for hackers, supposedly because of its enhanced privacy features.
• XMR is also the coin that black-hats prefer when it comes to ransomware demands. As CryptoPotato reported earlier this year, someone demanded $100 million in XMR from the computer giant Acer after installing ransomware on its systems.