Key Takeaways:
- Cybersecurity firm Reasonlabs has warned that cryptocurrency-mining malware has been discovered in a torrent download of the new Marvel movie Spider-Man: No Way Home.
- Reasonlabs recommends exercising extra caution when downloading content from non-official sources, whether it’s a document in an email from an unknown sender, a cracked program from a fishy download portal, or a file from a torrent download.
- This malware does not compromise personal information; the damage that a miner causes can be seen on the user’s electricity bill.
Cybersecurity firm Reasonlabs has warned that cryptocurrency-mining malware has been discovered in a torrent download of the new Marvel movie Spider-Man: No Way Home. “This [crypto] miner creates persistence, adds exclusions to Windows Defender, and spawns a watchdog process to keep track of its activity,” the firm explained.
Reasonlabs is a cybersecurity firm that provides enterprise-grade cyber protection for users worldwide. The firm noted, “To lure in as many victims as possible, attackers must stay up to date with trending topics.” It elaborated: “In this case, we are facing someone who has placed a Monero miner in a torrent download of what seems to be the new movie Spider-Man: No Way Home.”
Reasonlabs explained that “The file identifies itself as ‘spiderman_net_putidomoi.torrent.exe,’ which translates from Russian to ‘spiderman_no_wayhome.torrent.exe.’” The firm believes that the file most likely originated from a Russian torrenting website. According to the cybersecurity firm, “This miner adds exclusions to Windows Defender, creates persistence, and spawns a watchdog process to maintain its activity.”
Reasonlabs described that “The malware tries to stay away from examining eyes, by using ‘legitimate’ names for the files and processes that it creates; for example, it claims to be by Google and drops files with names like sihost64.exe, and injects to svchost.exe.”
Reasonlabs recommends exercising extra caution when downloading content from non-official sources, whether it’s a document in an email from an unknown sender, a cracked program from a fishy download portal, or a file from a torrent download. One simple precaution, according to the cybersecurity firm, is to always check that the extension of the downloaded file matches that of the file you intended to download. A movie file, for example, should end in “.mp4” rather than “.exe.” “To make sure you see the real file extension, open a folder, go to ‘View,’ and check ‘File name extensions,’” according to the company. “This ensures that you see the entire file type.”
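The extension check described above can be automated for a downloads folder. The following is an added example, not code from Reasonlabs or the original article; the function name `check_download` and the extension lists are assumptions chosen for illustration.

```python
# Added example: flag download names whose real extension does not match the expected type.
# The extension lists are constructed for illustration; adjust them to local policy.
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "msi", "ps1", "vbs", "lnk"}
DECOY_EXTS = {"mp4", "mkv", "avi", "mov", "torrent", "pdf", "docx", "jpg", "txt"}
MEDIA_EXTS = {"mp4", "mkv", "avi", "mov"}


def check_download(filename, expected_exts=MEDIA_EXTS):
    """Return finding codes for a file name; an empty list means nothing was flagged."""
    # Windows ignores trailing dots and spaces, so drop them before reading the extension.
    name = filename.strip().rstrip(". ").lower()
    # Strip each dot-separated part so whitespace padding cannot hide the last extension.
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 2 or not parts[-1]:
        return ["no-extension"]
    final, inner = parts[-1], parts[1:-1]
    findings = []
    if final in EXECUTABLE_EXTS:
        findings.append("executable")
        # A document or media extension in front of the real one is a decoy.
        if any(p in DECOY_EXTS for p in inner):
            findings.append("double-extension")
    if final not in expected_exts:
        findings.append("unexpected-type")
    return findings


if __name__ == "__main__":
    # Sample names: the first is quoted in the article, the rest are constructed.
    samples = [
        "spiderman_net_putidomoi.torrent.exe",
        "Spider-Man.No.Way.Home.2021.1080p.mkv",
        "movie.MP4    .EXE ",
        "setup.exe",
    ]
    for sample in samples:
        result = check_download(sample)
        print(f"{sample!r}: {', '.join(result) if result else 'ok'}")
```

A release-style name with many dots, such as the second sample, is not flagged, because only the final extension decides the file type.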
Although this malware does not compromise personal information, the damage that a miner causes can be seen on the user’s electricity bill. This is real money that they have to pay, given that the miner runs for long periods. Furthermore, the damage can be felt on a user’s device because miners frequently require high CPU usage, causing the computer to slow down significantly.