Illegal copies of 'Spider-Man: No way Home' infected with crypto-mining malware
Spider-Man: No Way Home has been out for less than two weeks and has already shattered box office records for the entire year of 2021, becoming the second highest-grossing film of all time and hitting the $1 billion mark. The cybersecurity firm ReasonLabs has recently issued a severe warning to fans attempting to download the movie via Torrent.
ReasonLabs, which provides enterprise-grade cyber protection for users worldwide, spotted that the unauthorized versions of the latest Spider-Man instalment include a new variant of a previously-known strain of malware. The "Spiderman" virus is a type of malware that has previously been disguised as popular software such as "Windows updater" and "Discord app."
"To lure in as many victims as possible, attackers must stay up to date with trending topics." The cybersecurity firm further added:
"In this case, we are facing someone who has placed a monero miner in a torrent download of what seems to be the new movie Spider-Man: No Way Home."
Although this malware does not compromise personal information, The malware crypto miner has the ability to add Windows Defender exclusions, which means that Windows Defender might not detect the malware at all. It also incorporates a "watchdog method" for long-term stability, which ensures that only one instance of the malware is operating at any one time by killing any process with the name of its components. After then, the crypto mining malware launches two new techniques, Sihost64.exe and WR64.exe.
"The malware tries to stay away from examining eyes by using 'legitimate' names for the files and processes that it creates; for example, it claims to be by Google and drops files with names like sihost64.exe, and injects to svchost.exe," ReasonLabs elaborated.
The cybersecurity firm advised that one easy precaution is to always check that the extension of the file being downloaded matches that of the file intended to download