JK Simmons arrives at the premiere of "Spider-Man: No Way Home" at the Regency Village Theater on ... [+]
Jordan Strauss / Invision / AP
Security firm ReasonLabs is warning movie fans that pirated copies of Spider-Man: No Way Home contain crypto mining malware.
The film is the first to gross more than $ 1 billion at the box office. But with no way yet to watch the movie at home, it has been leaked on torrent sites for the past two weeks.
Now, ReasonLabs says it is found malware used to mine the Monero cryptocurrency in a file called "spiderman_net_putidomoi.torrent.exe", Russian for "spiderman_no_wayhome.torrent.exe".
The source of the file, he says, is likely a Russian torrent website and he hopes to find out more soon.
"Although this malware does not compromise personal information (which is what most users fear when they think of a virus on their computer), the damage that a miner causes can be seen in the user's electricity bill," he says. the signature.
โIt is real money that they have to pay, since the miner works for long periods. Also, damage can be felt on a user's device as miners often require high CPU usage, causing the computer to drastically slow down. "
The malware appears to be derived from the open source SilentXMRMiner project, available on GitHub, which has a point-and-click interface that allows for the easy creation of new miners that can work with a variety of cryptocurrencies.
Once the movie is downloaded, it adds exclusions to Windows Defender to stop tracking malware actions, creates persistence, and spawns a watchdog process to maintain its activity. It then begins mining Monero, a comparatively untraceable and anonymous cryptocurrency, for the benefit of its creators.
ReasonLabs says it has found several different versions - "some more obfuscated than others" - that can evade many types of traditional antivirus software.
"We recommend extra caution when downloading content from any kind of unofficial sources, be it a document in an email from an unknown sender, a decrypted program from a suspicious download portal, or a file from a torrent download," says the firm.
"An easy precaution you can take is to always check that the file extension matches the file you expect, for example, in this case, a movie file must end with '.mp4', not '.exe'."
This year, cryptocurrency mining overtook spyware as the world's most common malware, with NTT Global Threat Intelligence Report 2021 finding that it accounted for 41 percent of all malware detected last year.
According to the report, while crypto miners were relatively rare in Asia, they dominated activity in Europe, the Middle East, and Africa, and are used in a variety of woder and woder circumstances.
