The Spider-Man No Way Home movie, which has just been released, can already be downloaded online. Not surprisingly, hackers are usually quick to broadcast to their screeners on the web. But beware: one of the files circulating on p2p networks is hiding cryptomining software. And to top it off, the malware is capable of obscuring the vigilance of Windows Defender.
Yes Spider-Man No Way Home is currently a hit with the cinema, he who collected more than a billion dollars, the film is already available illegally on the Web. But beware of sites that offer you to grab this movie, as it could be malware.
Spotted by ReasonLabs, a file pretending to be the Marvel movie is currently circulating on the network torrent. Be careful and do not download it especially: it is actually malware. Once installed on your PC, it will use your machine’s resources to mining cryptocurrency, then send the fruit of its labor to the hackers behind its deployment.
Read also: Bitcoin – beware, the Windows Cryptbot malware seeks to steal your cryptocurrencies
Spider-Man No Way Home torrent hides cryptomining malware
At this time, the malware in question is not recognized by VirusTotal, but should be recognized quickly. More annoying, it especially escapes the vigilance of Windows Defender. According to ReasonLabs, “this miner adds exclusions to Windows Defender, creates persistence and generates a monitoring process to keep its activity”.
The torrent comes in the form of an executable titled spiderman_net_putidomoi.torrent.exe, a Russian filename that translates to spiderman_no_wayhome.torrent.exe. It should come as no surprise that the filename is in that language, since pirated movies often originate from Russia. In addition, nothing obviously prevents hackers from distributing a localized version in the coming days.
Read also: cryptocurrency – the price of the Omicron explodes thanks to the new variant of Covid-19
Once executed on a PC, the malware is able to start one process and inject its resources into another process. And its preferred target is a component necessary for the proper functioning of Windows, namely svchost.exe (a generic process that allows you to load DLLs). The good news is that the malware does seem to compromise the personal data of its victim’s PC. This is what emerges from the analysis carried out by ReasonLabs, which managed to decode the malware. The bad news is that the malware will use your PC’s resources to mine cryptocurrency.
Its effects are not immediate, but should be felt after a few hours or days. Due to the installed cryptomining software, the PC becomes slower and its power consumption higher.
