New Spider-Man Movie Torrent Contains Malicious XMR Mining Program

December 29, 2021, 10:30 AM AEST - 7 months ago

Cybercriminals have to keep up with the latest trends in order to continue running their scams, so it comes as no surprise they’re exploiting the popularity of blockbuster movie Spider-Man: No Way Home as a way to launch crypto-malware attacks.

Fans are urged to be careful when downloading pirated copies of the newest edition of the film as cybercriminals have uploaded a Monero miner code on a torrent download file.

Scammers Hiding Crypto Miner Malware in Torrent Files

Experts from ReasonLabs have reported details of a new malware attack in which scammers embed a Monero (XRM) miner code on a torrent download file for the Spider-Man film. The warning was first issued on December 23, along with details that the torrent file for the movie is named “spiderman_net_putidomoi.torrent.exe” in Russian.

The name translates to “spiderman_no_wayhome.torrent.exe” and the filename has led experts to believe that the malware did in fact originate from a Russian torrenting website.

Once the file is downloaded, the crypto-malware exploits the computer’s power to mine Monero, a privacy coin that operates with untraceable transactions. This type of attack is not as severe as others and does not affect computer performance, but will drive a victim’s power bill sky-high due to its massive energy consumption. Police agents have conceded that hackers are using legitimate names, so the program tends to go unnoticed by antivirus software.

Researchers at ReasonLabs have provided an example of the malware’s details:

What the malware file meta looks like. Source: ReasonLabs

In order to keep from downloading the malware, users are urged to look carefully at aspects such as the file type. A real film should end with the suffix “.mp4” while a crypto-malware file ends with “.exe”. Fans should be especially cautious when downloading content from the internet and are discouraged from downloading a file in Torrent and from other non-official sources.

News of the scam came soon after Bitcoin penny stock BitTorrent soared 80 percent ahead of its Mainnet Launch, which took place earlier this month.

Crypto Scams Continue on the Rise

As more crypto projects launch, more opportunities are created for scammers to take advantage of unwitting users. Late last month, Crypto News Australia published an article detailing a Threat Horizons report released which indicated that 86 percent of hacked accounts were being used to mine cryptocurrencies. Poor security measures were cited as the main reasons for malicious actors being able to infiltrate accounts.

Although the scam found in the Spider-Man torrent is not particularly dangerous, last month an insidious and highly sophisticated crypter was found in the crypto community. Named the “Babadeda” crypter, the malware is still targeting crypto enthusiasts on the popular community chat app Discord.

Disclaimer: The content and views expressed in the articles are those of the original authors own and are not necessarily the views of Crypto News. We do actively check all our content for accuracy to help protect our readers. This article content and links to external third-parties is included for information and entertainment purposes. It is not financial advice. Please do your own research before participating.