Hackers use ‘Spider-Man: No Way Home’ to spread Monero mining malware – CoinGeek

"Spider-miner, spider-miner, does everything a miner can."

The latest Spider-Man movie debuted this month to rave reviews and skyrocketed to become the first film in the pandemic era to hit $1 billion at the box office. As they always have, cybercriminals are quickly taking advantage of this popularity to target their victims. This time around, they are spreading Monero mining malware disguised as pirated copies of the movie on torrent sites.

The malware was discovered by New York-based cybersecurity company ReasonLabs.

According to the company, the file is identified as "spiderman_net_putidomoi.torrent.exe", which translates from Russian as "spiderman_no_wayhome.torrent.exe". This points to the fact that Russian cybercriminals are probably behind the malware.

The malware, which mines the privacy coin Monero, adds exclusions to Windows Defender and creates a watchdog process to maintain its activity. It uses legitimate-looking names for the files and processes it creates on the host computer to avoid detection. For example, it claims to be from Google.
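The two behaviours above that leave the clearest traces are a decoy double extension on the executable and a new Windows Defender exclusion. The following triage sketch is an added example, not code from ReasonLabs or this article; it correlates Sysmon process-creation events (ID 1) with Defender configuration-change events (ID 5007). The dictionary field names, the extension lists and the sample events are constructed assumptions.

```python
import ntpath
from datetime import datetime, timedelta

# Extensions that suggest content rather than a program (illustrative list, an assumption).
DECOY_EXTS = {".torrent", ".mp4", ".mkv", ".avi", ".pdf", ".docx"}
EXEC_EXTS = {".exe", ".scr", ".com"}
EXCLUSION_KEY = r"\windows defender\exclusions" + "\\"

def has_decoy_double_extension(path):
    """True for names like 'movie.torrent.exe': a decoy extension followed by an executable one."""
    stem, last = ntpath.splitext(ntpath.basename(path).lower())
    return last in EXEC_EXTS and ntpath.splitext(stem)[1] in DECOY_EXTS

def is_exclusion_added(event):
    """Defender event 5007 (configuration changed) whose new value sits under the Exclusions key."""
    return event["event_id"] == 5007 and EXCLUSION_KEY in event.get("new_value", "").lower()

def correlate(events, window=timedelta(minutes=10)):
    """Return (host, file name, new value) where an exclusion follows a decoy-named launch."""
    launches = [e for e in events
                if e["event_id"] == 1 and has_decoy_double_extension(e["image"])]
    hits = []
    for ex in filter(is_exclusion_added, events):
        for run in launches:
            same_host = run["host"] == ex["host"]
            if same_host and timedelta(0) <= ex["time"] - run["time"] <= window:
                hits.append((ex["host"], ntpath.basename(run["image"]), ex["new_value"]))
    return hits

# Constructed sample events (hosts, times, paths and values are made up for illustration).
T0 = datetime(2021, 12, 27, 20, 0, 0)
SAMPLE = [
    {"host": "PC-01", "time": T0, "event_id": 1,
     "image": r"C:\Users\alice\Downloads\spiderman_net_putidomoi.torrent.exe"},
    {"host": "PC-01", "time": T0 + timedelta(seconds=40), "event_id": 5007,
     "new_value": r"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\alice\AppData = 0x0"},
    {"host": "PC-02", "time": T0, "event_id": 1, "image": r"C:\Tools\setup.exe"},
    {"host": "PC-02", "time": T0 + timedelta(minutes=1), "event_id": 5007,
     "new_value": r"HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\ScheduleDay = 0x1"},
]

if __name__ == "__main__":
    for host, name, value in correlate(SAMPLE):
        print(f"{host}: {name} launched, then Defender exclusion added: {value}")
```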

ReasonLabs discovered that the malware is a version of SilentXMRMiner, a Monero miner that is available for free on GitHub. “The project offers a comfortable GUI to compile a new miner, with the relevant information per user. Once the information is provided, all that is left is to distribute the miner,” revealed ReasonLabs.

The company said the malware is specifically designed to mine Monero and does not collect personal information or cause other types of damage. However, it increases electricity consumption while the computer mines Monero and also slows down the device.

On how they spotted the malware, cybersecurity experts at ReasonLabs told ZDNet that one of its users downloaded the torrent file and its security products flagged it as a new threat. They have not yet established how many other victims have downloaded the malware.

“The Spiderman malware is actually a new ‘edition’ of a previously known malware that disguised itself as various popular applications in the past, such as ‘Windows Updater’, ‘Discord app’ and now the Spiderman movie. This suggests that a lot has been downloaded. No one else has identified this ‘edition’ of the malware,” the team added.
