New Spiderman movie gets exploited to execute a crypto-mining malware

December 28, 2021

Following the release of the latest Spiderman movie, Spiderman: No Way Home, threat actors quickly leveraged its popularity by creating new crypto-mining malware that can hack into victims' computers and steal their cryptocurrency assets.

According to security researchers, the new crypto-mining malware masquerades as a torrent file for the Spiderman: No Way Home movie, offered to fans who wish to watch the popular movie for free. Once the torrent file is downloaded, the malware immediately runs and mines the victims' crypto wallets within their computers.

Experts attribute the 134% rise in ransomware attack cases worldwide for 2021 to the lockdown restrictions caused by the pandemic, which threat actors took advantage of to develop many attack opportunities against targets who spend most of their time online.

This includes fans of the Spiderman movie franchise who chose to watch the latest movie via pirated or torrent sites, which let them enjoy the movie free of charge from the comfort of their own homes and safe from the threats of COVID-19.

 

The disguised crypto-mining malware file is identified as spiderman_net_putidomoi.torrent.exe.
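The file name works as a lure because Windows Explorer hides known file extensions by default, so a name ending in `.torrent.exe` is displayed as a `.torrent` file. The following triage check for that naming pattern is an added example, not code from the article or the researchers; the extension lists, function names and sample paths are assumptions, and only the first sample name comes from the article.

```python
"""Flag file names that hide an executable extension behind a decoy one."""
import ntpath

# Extensions that execute code when opened on Windows (assumed, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs", ".msi"}
# Extensions a user expects to be plain data, so they work as a decoy (assumed list).
DECOY_EXTS = {".torrent", ".mp4", ".mkv", ".avi", ".pdf", ".doc", ".docx", ".jpg", ".png", ".txt", ".zip"}


def masquerade_extensions(path):
    """Return (decoy, real) when the name ends in <decoy><executable>, else None."""
    # Windows ignores trailing dots and spaces, so "a.pdf.exe. " still runs as .exe.
    name = ntpath.basename(path).rstrip(". ").lower()
    stem, real = ntpath.splitext(name)
    if real not in EXECUTABLE_EXTS:
        return None
    # Padding such as "movie.mp4      .exe" pushes the real extension out of view.
    decoy = ntpath.splitext(stem.rstrip(". "))[1]
    return (decoy, real) if decoy in DECOY_EXTS else None


def triage(paths):
    """Return (path, reason) for every path whose name masquerades."""
    findings = []
    for p in paths:
        hit = masquerade_extensions(p)
        if hit:
            findings.append((p, "shown as '%s' when extensions are hidden, runs as '%s'" % hit))
    return findings


# Constructed sample listing; only the first file name comes from the article.
SAMPLE = [
    r"C:\Users\alice\Downloads\spiderman_net_putidomoi.torrent.exe",
    r"C:\Users\alice\Downloads\ubuntu-22.04.torrent",
    r"C:\Users\alice\Downloads\setup-1.2.exe",
    r"C:\Users\alice\Downloads\invoice.PDF   .EXE",
    r"C:\Users\alice\Downloads\backup.tar.gz",
]

if __name__ == "__main__":
    for path, reason in triage(SAMPLE):
        print(path, "->", reason)
```

Versioned installers such as `setup-1.2.exe` are not flagged, because the inner suffix must be a known data extension before the name counts as a disguise.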

Experts highlighted that the malware had circulated all over Discord and Windows Updater apps, disguising itself differently every time, including as the recent Spiderman movie.

Threat actors use attractive files, such as the new Spiderman movie, as an effective attack vector, since people are interested in these popular events and can be unknowingly lured by malware-infected files.

Once downloaded to a computer, the malware's code adds exclusions to Windows Defender so that the malware's activities are not tracked. It then releases its regulators to protect itself against cybersecurity tools and software and to create persistence.

The crypto-mining malware mines a specific cryptocurrency called Monero (XMR), since it is one of the most untraceable crypto assets used on the dark web. Affected users might notice the malware's effect on their devices because it slows down the system and causes issues with the computer's overall functionality.

Security experts found the Spiderman crypto-mining malware during a routine search and immediately flagged it as suspicious. The issue is still under active research, including where the malware originated and who its threat actors are.
