Malware Disguised as Movie File Even Steals Cryptocurrency

By Daniel T. | January 16, 2019
Malware Coming Through Movie Torrent File Steals Cryptocurrency.

Downloading malware hidden in certain fake movie torrent files on The Pirate Bay (TPB) reportedly leads to several mischievous activities on computers running Windows, and even plants links to phish crypto from unsuspecting users.

Bleeping Computer, an information and security website, reported in detail on this latest discovery on January 12. It noted that while malware on TPB is nothing new, how this malware infects a computer and the many ways in which it does so are “quite interesting”. It was first discovered in a TPB file tagged as a copy of a hacker movie called “The Girl in the Spider’s Web”.

The malware is based on a common .LNK file, weaponized by hackers to inject inconspicuous-looking ad content into the top results of search engines like Google and Yandex.
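A downloaded "movie" that is really a shortcut can be recognized from its first 76 bytes, whatever the file is called. The sketch below is an added example, not code from the Bleeping Computer report: the header constants come from Microsoft's MS-SHLLINK specification, while the function names, the media-extension list and the sample bytes are constructed for illustration.

```python
import struct

# Shell Link header constants from the MS-SHLLINK specification.
LNK_HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
HAS_ARGUMENTS = 0x20       # LinkFlags bit: shortcut passes a command line
HAS_ICON_LOCATION = 0x40   # LinkFlags bit: shortcut carries a custom icon

MEDIA_EXTENSIONS = (".mp4", ".mkv", ".avi", ".mov", ".wmv")  # assumed list


def is_shell_link(data: bytes) -> bool:
    """True when data starts with a valid Shell Link (.LNK) header."""
    if len(data) < LNK_HEADER_SIZE:
        return False
    size = struct.unpack_from("<I", data, 0)[0]
    return size == LNK_HEADER_SIZE and data[4:20] == LNK_CLSID


def inspect_download(name: str, data: bytes) -> list[str]:
    """Return findings for one downloaded file (name plus its content)."""
    if not is_shell_link(data):
        return []
    findings = ["content is a Windows shortcut (.LNK), not media"]
    lower = name.lower()
    stem = lower[:-4] if lower.endswith(".lnk") else lower
    if stem.endswith(MEDIA_EXTENSIONS):
        findings.append("file name imitates a video file")
    flags = struct.unpack_from("<I", data, 20)[0]
    if flags & HAS_ARGUMENTS:
        findings.append("shortcut passes command-line arguments")
    if flags & HAS_ICON_LOCATION:
        findings.append("shortcut sets a custom icon")
    return findings


def build_sample_header(flags: int) -> bytes:
    """Constructed 76-byte header for the demo; no real sample is used."""
    return (struct.pack("<I", LNK_HEADER_SIZE) + LNK_CLSID
            + struct.pack("<I", flags) + bytes(52))


if __name__ == "__main__":
    samples = {  # constructed inputs: a disguised shortcut and a Matroska-like file
        "Movie.2018.mkv.lnk": build_sample_header(HAS_ARGUMENTS | HAS_ICON_LOCATION),
        "Movie.2018.mkv": b"\x1a\x45\xdf\xa3" + bytes(96),
    }
    for name, data in samples.items():
        print(name, "->", inspect_download(name, data) or "no findings")
```

Run over a download folder, any file that returns findings should be treated as a program launcher rather than as media.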

On Wikipedia pages, the malware inserts a false banner asking for donations and claiming that Wikipedia now accepts donations in cryptocurrency, which in reality are channeled to scammers’ wallet addresses. The malware is even able to replace legitimate wallet addresses on websites to redirect funds to the scammers.

“Because the wallets are a large string of random characters, most users will likely not notice the difference between what they expected to copy and the pasted result,” adds Bleeping Computer.
