No Way Home Leaks Targeted by Monero-Mining Malware (Report) https://ift.tt/3FmWRTr

No Way Home Leaks Targeted by Monero-Mining Malware (Report)

https://ift.tt/3pmVVsK


It appears that hackers are finding new avenues to exploit non-suspecting victims and take advantage of their computing power. This time, the primary tool to use are leaks of the new Spide-Man: No Way Home movie.

  • Spider-Man: No Way Home premiered on December 17th, 2021 – merely a week ago, in the US.
  • For the short time being, it has already become the third-most successful movie of the year, according to box office statistics.
  • Data from Box Office Mojo shows that it’s the top-grossing movie in 2021, raking in over $350 million during its premiere week alone.
  • Naturally, a movie so popular would also create an off-the-books demand for leaked releases on the Internet, most commonly – in the form of torrent downloads.
  • New research, however, reveals that it’s these releases that have been heavily targeted by hackers.
  • The study concludes that hackers have been placing Monero miners in torrent downloads of the new movies.
  • For those unaware, malware is a piece of coding that’s not part of the publisher’s intent and is designed to exercise various processes in the background without the user’s knowledge and consent.
  • In this case, the miner would also add exclusions for Windows Defender, spawn a watchdog process to upkeep its activity, and create persistence.

Per the research:

The malware tries to stay away from examining eyes, by using ‘legitimate’ names for the files and processes that it creates; for example, it claims to be by Google and drops files with names like sihost64.exe, and injects to svchost.exe.

  • Somewhat expectedly, Monero has been the cryptocurrency of choice for hackers, supposedly because of its enhanced privacy features.
  • XMR is also the coin that black-hats prefer when it comes to ransomware demands. As CryptoPotato reported earlier this year, someone demanded $100 million in XMR from the computer giant Acer after installing ransomware on its systems.
SPECIAL OFFER (Sponsored)

Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month

(

terms

).

PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to get 25% off trading fees.

Source link

Cryptocurrency

Get In Touch