Spider-Man: No Way Home pirated copies on torrent websites found infected with crypto-mining malware

Spider-Man: No Way Home has been a blockbuster in global theatres, bringing back the fond memories of the favourite childhood superhero of many. However, those downloading pirated copies of the latest Marvel movie are receiving more than just memories. The pirated copies come with cryptocurrency mining malware, researchers have warned.

Downloading a pirated copy of Spider-Man: No Way Home from a torrent website can be an invitation to a mining malware, Reason Cybersecurity researchers have warned. As per the researchers, many pirated copies of the movie, which are being shared over the internet, include a cryptojacking malware under the file name "spiderman_net_putidomoi.torrent.exe."

Once the malware infects a system, it is successfully able to hijack its computing power and redirect it to mining the privacy coin Monero. In a blog, ReasonLabs researchers state that the malware is "most likely from a Russian torrenting website."

Since it is a cryptojacking malware, it does not attempt to steal information from a target system. However, it drastically increases a PC's CPU usage for mining the cryptocurrency, ultimately leading to an increase in the electricity bill. Researchers warn that the miner runs for long periods and gradually slows down an infected device.

Researchers do not yet know the number of times the malware has been downloaded. They do, however, mention that the malware has been in existence for some time now.

The malware is not easy to detect. As per the researchers, once the malware infects a system, it adds exclusions to Windows Defender. In addition, it spawns a watchdog process to continue untracked mining on the victim CPU. This means that the malware kills any process that shares the name of its components. This way, it makes sure that only one instance is running at a time.

The researchers warn people against downloading such kinds of content from illicit sources. An easy precaution, the blog notes, is that users should always check the file extension to be sure of what they are downloading. For example, a movie file should end with ".mp4", not ".exe". Users should perform a thorough check on the content they download and the source they download it from.

A similar way of spreading malware is being practised by the perpetrators of DarkWatchman, an extremely hard-to-detect malware that can execute remote commands and transmit valuable data to the threat actor. The malware is being spread as a ZIP attachment found in phishing emails. The ZIP file contains a text file, which is, in fact, an executable file in disguise. The file is able to install the RAT and keylogger on the target system. You can read all about DarkWatchman here.