Hackers and cybercriminals are astute. They know how to draw today’s consumers and web users into their traps by exploiting interest in the latest trends. Perhaps this is why, in 2021, there were 714 million attempted ransomware attacks (134 percent more than in 2020).
One of the most enticing baits available to today’s malware minions is digital access to new movies. Spiderman: No Way Home is a great illustration of this. The film is currently one of the most talked-about in the film industry. It had an official opening weekend gross of $260 million, making it the second-largest box office debut in history.
Viewers are eager to obtain the film in any way possible, even by downloading “leaked” versions from the internet. Unfortunately, many attractive files available on the internet are too good to be true. ReasonLabs researchers discovered hidden crypto-mining malware woven into the code of a torrent download for No Way Home.
Mining Cryptocurrency Spiderman
The Spiderman malware is designed to mine Monero (XMR), an untraceable, anonymous cryptocurrency popular on the Dark Web, according to ReasonLabs, a cybersecurity detection and prevention software business.
Like most deceptive malicious files, it hides behind an appealing name: the file identifies itself as spiderman net putidomoi.torrent.exe, a transliterated Russian name that roughly translates to “no way home torrent”. The malware is currently not signed or created for .NET, and it isn’t listed on VirusTotal.
When a user downloads and runs the file, presuming it’s a Spiderman torrent, the code begins working with svchost.exe, setting up persistence mechanisms, adding exclusions to Windows Defender, and spawning watchdog processes to keep itself running.
While you may not be able to see what’s going on, the attack forces your computer to start mining cryptocurrency without your permission. Your electricity bill may suffer as a result of your devices using more power to mine.
Miners also use a lot of CPU power, so your computer’s performance will probably suffer as well. You may not notice anything until your computer begins to lag and your electricity bill skyrockets.
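The behaviours described above (a lure file with a double extension, activity involving svchost.exe, and new Windows Defender exclusions) can be turned into simple triage rules. The following is an added example, not code from ReasonLabs or the original article; the event field names, user paths and sample events are constructed, and the svchost.exe rule assumes a same-named binary running outside the Windows system directories.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample telemetry (not taken from the ReasonLabs report).
# Field names and paths are assumptions standing in for an EDR/Sysmon export.
EVENTS = [
    {"type": "process", "image": r"C:\Users\bob\Downloads\spiderman net putidomoi.torrent.exe"},
    {"type": "process", "image": r"C:\Users\bob\AppData\Roaming\svchost.exe"},
    {"type": "process", "image": r"C:\Windows\System32\svchost.exe"},
    {"type": "defender_config", "event_id": 5007,
     "new_value": r"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\bob\AppData\Roaming = 0x0"},
    {"type": "defender_config", "event_id": 5007,
     "new_value": r"HKLM\SOFTWARE\Microsoft\Windows Defender\Spynet\SpyNetReporting = 0x2"},
]

# A content-looking extension followed by an executable one, e.g. "movie.torrent.exe".
LURE_RE = re.compile(r"\.(torrent|mp4|mkv|avi|mov|pdf|docx?)\.(exe|scr|com|bat|cmd)$", re.I)
# Directories where the genuine svchost.exe lives.
SVCHOST_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
EXCLUSION_KEY = r"\windows defender\exclusions" + "\\"


def classify(event):
    """Return the name of the first rule an event trips, or None."""
    if event["type"] == "process":
        path = PureWindowsPath(event["image"])
        if LURE_RE.search(path.name):
            return "lure-double-extension"
        if path.name.lower() == "svchost.exe" and str(path.parent).lower() not in SVCHOST_DIRS:
            return "svchost-outside-system-dir"
    elif event["type"] == "defender_config" and event.get("event_id") == 5007:
        # Event 5007 = Defender configuration changed; only exclusion edits matter here.
        if EXCLUSION_KEY in event["new_value"].lower():
            return "defender-exclusion-added"
    return None


def triage(events):
    """Return (index, rule) for every event that trips a rule, in input order."""
    hits = []
    for i, ev in enumerate(events):
        rule = classify(ev)
        if rule:
            hits.append((i, rule))
    return hits


if __name__ == "__main__":
    for idx, rule in triage(EVENTS):
        print(f"event {idx}: {rule}")
```

Any single hit is only a lead; the three occurring on the same host within a short time of each other is the pattern worth escalating.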
What Methods Did ReasonLabs Use To Detect Malware?
ReasonLabs detected the Spiderman malware during a routine search of the files in its database. Because its malware database is so large, the business regularly comes across questionable files during routine scans. When ReasonLabs encounters a questionable file, it flags it and checks for its presence in other databases. The Spiderman file was downloaded by a ReasonLabs user, and the database immediately recognized it as a new threat.
It’s difficult to determine how many times the torrent file has been downloaded, according to ReasonLabs, but there’s evidence the malware has been around for a long time. Before posing as Spiderman, it went by names such as Discord, the Windows Updater, and other similar names.
ReasonLabs is now investigating the miner’s origins and intends to release more information to the public soon. However, there’s a significant likelihood that the problem has already impacted a lot of people.
Crypto-Miners Are Becoming A Serious Problem
In today’s digital environment, as people spend more time online, the marketplace is increasingly flooded with security risks. Attaching crypto-miners to blockbuster movie files isn’t exactly a novel idea. It’s a method that miners have been employing for years to get people to download their files.
According to ReasonLabs, “we’re continually seeing miners deployed under the garb of common programs, fascinating files, popular apps, and so on.” “In the last few years, crypto-miners buried in this technology have become highly popular since they give quick money.”
Cryptojacking is when malware tailored for crypto-mining is installed on a victim’s machine and runs in the background. Cybercriminals embed this malware in popular files like the Spiderman movie in order to increase their coin-mining capacity tremendously.
A miner’s computational power determines how much cryptocurrency they can produce. Cryptojacking a group of computers is far less expensive than purchasing a huge number of expensive crypto mining rigs.
Trend Micro further warns that the harm to cryptojacked computers extends beyond performance problems, dramatically increased power usage, and hardware wear and tear. Between January 1 and June 24, 2017, the company’s sensors detected over 4,900 bitcoin miners, resulting in over 460,000 bitcoin-mining actions. Over 20% of the miners, according to Trend Micro, also launched web- and network-based attacks.
Files claiming to be Spiderman: No Way Home torrents allow hackers to gain access to as many victims as possible for their crypto efforts by deceiving them into believing they can get their hands on something they dearly want.