
“Spider-miner, spider-miner, does whatever a miner can.”

The latest Spider-Man film debuted this month to rave reviews and shot up to become the first film in the pandemic era to hit $1 billion in box office. As they have always done, cybercriminals are quickly taking advantage of this popularity to target their victims. This time, they are spreading Monero mining malware disguised as pirated copies of the film on torrent sites.

The malware was discovered by New York-based cybersecurity company ReasonLabs.

According to the firm, the file identifies as “spiderman_net_putidomoi.torrent.exe,” which translates from Russian to “spiderman_no_wayhome.torrent.exe.” This points to Russian cybercriminals being most likely behind the malware.
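The file name ReasonLabs reported pairs a harmless-looking `.torrent` extension with a final `.exe`, and a download folder can be checked for that pattern. The sketch below is an added example, not ReasonLabs' detection logic; the extension lists and the function names are assumptions, and every sample name except the reported one is constructed.

```python
from pathlib import PureWindowsPath

# Assumed lists for illustration; tune them to your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".msi"}
DECOY_EXTS = {".torrent", ".mp4", ".mkv", ".avi", ".pdf", ".docx", ".jpg", ".zip"}


def masquerade_reason(path):
    """Return a reason string if the file name hides an executable behind a
    decoy extension (e.g. 'movie.torrent.exe'), otherwise None."""
    # Windows ignores trailing dots and spaces in file names, so drop them
    # before reading the extensions; compare case-insensitively.
    name = PureWindowsPath(path).name.rstrip(". ").lower()
    suffixes = PureWindowsPath(name).suffixes
    if len(suffixes) < 2:
        return None
    decoy, final = suffixes[-2], suffixes[-1]
    if final in EXECUTABLE_EXTS and decoy in DECOY_EXTS:
        return f"executable '{final}' hidden behind decoy '{decoy}'"
    return None


def scan(paths):
    """Return (path, reason) for every path that looks like a masquerade."""
    hits = []
    for p in paths:
        reason = masquerade_reason(p)
        if reason:
            hits.append((p, reason))
    return hits


# Constructed listing; only the first name comes from the ReasonLabs report.
SAMPLE_DOWNLOADS = [
    r"C:\Users\demo\Downloads\spiderman_net_putidomoi.torrent.exe",
    r"C:\Users\demo\Downloads\ubuntu-22.04.iso.torrent",
    r"C:\Users\demo\Downloads\Invoice.PDF.scr. ",
    r"C:\Users\demo\Downloads\setup.exe",
    r"C:\Users\demo\Downloads\backup.tar.gz",
]

if __name__ == "__main__":
    for path, reason in scan(SAMPLE_DOWNLOADS):
        print(f"{path}: {reason}")
```

A hit is a prompt to inspect the file, not proof of malware, and a miner renamed to a single plain `.exe` will not be flagged by this check.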

The malware, which mines the privacy coin Monero, adds exclusions to Windows Defender and spawns a watchdog process to maintain its activity. It uses legitimate-looking names for the files and processes it creates on the host computer to evade detection. For instance, it claims to be from Google.

ReasonLabs found that the malware is a version of SilentXMRMiner, a Monero miner that’s available for free on GitHub. “The project offers a comfortable GUI to compile a new miner, with the relevant information per user. After the information is supplied, all that is left is to distribute the miner,” ReasonLabs revealed.

The company said that the malware is specifically designed to mine Monero and doesn’t collect personal information or cause other types of damage. However, it leads to a surge in electricity consumption as a computer mines Monero and also slows down the device.

On how they detected the malware, ReasonLabs cybersecurity experts told ZDNet that one of their users downloaded the torrent file and their security products flagged it as a new threat. They currently haven’t established how many other victims have downloaded the malware.

“The Spiderman malware is actually a new ‘edition’ of a previously known malware that was disguised as various popular apps in the past such as ‘windows updater,’ ‘discord app,’ and now the Spiderman movie. This suggests that it’s been downloaded a lot. No one else has identified this ‘edition’ of the malware,” the team added. 
