Many people have resorted to illegal means to watch the latest Spider-Man film. However, a cybersecurity firm, ReasonLabs, has warned that the computers of those who download it this way might be exposed to crypto-mining malware. The firm further disclosed that the malware is installed along with a copy of the Spider-Man movie currently circulating on torrent sites.
The goal of those who planted the malware is to hijack each downloader’s PC and use it to mine Monero. The file is called “spiderman_net_putidomoi.torrent.exe”, which is Russian for “spiderman_no-wayhome.torrent.exe”. Hence, the cybersecurity firm has hinted that the malware might have originated in Russia.
This Monero miner establishes a “watchdog process” while sidelining the PC’s antivirus software. The malware then eliminates any process that shares a similar name with its components. Finally, after launching two unique processes (wr64.exe and sihost64.exe), it launches XMRig (the Monero mining rig). ReasonLabs explained the download hijacking in detail in a lengthy blog post, which it shared on the microblogging platform Twitter.
We identified a Monero miner attached to a torrent download of 'Spider-Man: No Way Home.'
— ReasonLabs (@Reasonsecurity) December 23, 2021
The cybersecurity firm remarked that the malware doesn’t use users’ personal details maliciously, and that affected users would only find out because their electricity bills and CPU usage become unusually high and their PCs stop performing optimally. ReasonLabs warned the general public to desist from downloading any file from torrent sites or other illegal sources. It further stated that anyone who must download such files has to be overly cautious.
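The indicators named above (a ".torrent.exe" file name, the processes wr64.exe and sihost64.exe, and XMRig) can be turned into a simple triage check over process-creation events. The following is an added example, not code from ReasonLabs or from the original article; the event format, the extension lists and the sample paths are assumptions made for illustration.

```python
from pathlib import PureWindowsPath

# Indicators taken from the article text above.
REPORTED_PROCESS_NAMES = {"wr64.exe", "sihost64.exe"}
MINER_KEYWORD = "xmrig"
# Assumed lists, chosen for this illustration.
DECOY_EXTENSIONS = {".torrent", ".mp4", ".mkv", ".avi", ".pdf"}
EXECUTABLE_EXTENSIONS = {".exe", ".scr", ".com"}


def has_deceptive_double_extension(path):
    """True for names like 'movie.torrent.exe': a decoy extension, then an executable one."""
    suffixes = [s.lower() for s in PureWindowsPath(path).suffixes]
    return (len(suffixes) >= 2
            and suffixes[-1] in EXECUTABLE_EXTENSIONS
            and suffixes[-2] in DECOY_EXTENSIONS)


def findings_for(event):
    """Return the reasons a single process-creation event looks suspicious."""
    reasons = []
    image = event["image"]
    name = PureWindowsPath(image).name.lower()
    if has_deceptive_double_extension(image):
        reasons.append("deceptive double extension")
    if name in REPORTED_PROCESS_NAMES:
        reasons.append("process name reported for this miner")
    if MINER_KEYWORD in name or MINER_KEYWORD in event.get("command_line", "").lower():
        reasons.append("XMRig reference")
    return reasons


def triage(events):
    """Map each flagged image path to its reasons; clean events are omitted."""
    return {e["image"]: r for e in events if (r := findings_for(e))}


# Constructed sample events (not real telemetry); directories are made up.
SAMPLE_EVENTS = [
    {"image": r"C:\Users\demo\Downloads\spiderman_net_putidomoi.torrent.exe"},
    {"image": r"C:\Users\demo\AppData\Roaming\wr64.exe"},
    {"image": r"C:\Users\demo\AppData\Roaming\sihost64.exe"},
    {"image": r"C:\Users\demo\AppData\Roaming\xmrig.exe"},
    {"image": r"C:\Windows\System32\sihost.exe", "command_line": "sihost.exe"},
    {"image": r"C:\Program Files\Player\player.exe",
     "command_line": r"player.exe D:\films\movie.2021.mkv"},
]

if __name__ == "__main__":
    for image, reasons in triage(SAMPLE_EVENTS).items():
        print(image, "->", ", ".join(reasons))
```

Name matches alone are weak signals, since a file can be renamed; they are best combined with the sustained high CPU usage the article describes.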
The Strange Malware
Marvel Studios’ “Spider-Man: No Way Home” has attracted a large viewership among fans since its debut a few days ago, with theater ticket sales grossing more than $700 as of this writing. ReasonLabs’ researchers state that many security-conscious users won’t suspect malware in the downloaded file because it is not written in .NET and it easily evades VirusTotal’s check.
The VirusTotal app is a virus-detection tool many PC owners install to guard against unknowingly installing viruses. Even though the number of PCs affected remains unknown, ReasonLabs claims that the malware existed before the release of the latest Spider-Man movie.
The Rising Malicious Phenomenon
Since the start of this year, cases of cryptojacking have been rising globally. Cryptojacking involves planting crypto-mining software on a user’s PC without their knowledge. Between January and June 2021, Trend Micro (a cybersecurity firm) identified more than 70K cases of cryptojacking.
A few weeks ago, one of the top-level executives at Sophos (another cybersecurity company) noticed that the cryptojacking miners affecting firms’ networks were mining Monero. Cybercriminals usually incorporate Monero-mining malware because Monero has features that make mining its tokens untraceable.
Regulators and government security agencies continue trying to crack this privacy feature. In the last 12 months, the IRS has pledged at least $1.30m for any company that develops the tool(s) that can trace Monero transactions. Even though CipherTrace (a cybersecurity expert firm) announced eight months ago that it had made a breakthrough, there haven’t been any updates on it since.