Spider-Man: No Way Home Leaks Targeted by Monero-Mining Malware (Report)
It appears that hackers are finding new avenues to exploit non-suspecting victims and take advantage of their computing power. This time, the primary tool to use are leaks of the new Spide-Man: No Way Home movie.
- Spider-Man: No Way Home premiered on December 17th, 2021 – merely a week ago, in the US.
- For the short time being, it has already become the third-most successful movie of the year, according to box office statistics.
- Data from Box Office Mojo shows that it’s the top-grossing movie in 2021, raking in over $350 million during its premiere week alone.
- Naturally, a movie so popular would also create an off-the-books demand for leaked releases on the Internet, most commonly – in the form of torrent downloads.
- New research, however, reveals that it’s these releases that have been heavily targeted by hackers.
- The study concludes that hackers have been placing Monero miners in torrent downloads of the new movies.
- For those unaware, malware is a piece of coding that’s not part of the publisher’s intent and is designed to exercise various processes in the background without the user’s knowledge and consent.
- In this case, the miner would also add exclusions for Windows Defender, spawn a watchdog process to upkeep its activity, and create persistence.
Per the research:
The malware tries to stay away from examining eyes, by using ‘legitimate’ names for the files and processes that it creates; for example, it claims to be by Google and drops files with names like sihost64.exe, and injects to svchost.exe.
- Somewhat expectedly, Monero has been the cryptocurrency of choice for hackers, supposedly because of its enhanced privacy features.
- XMR is also the coin that black-hats prefer when it comes to ransomware demands. As CryptoPotato reported earlier this year, someone demanded $100 million in XMR from the computer giant Acer after installing ransomware on its systems.