BTCNN

Malware Posing as Movie File Manipulates Results and Steals Cryptocurrency

A new form of malware posing as a movie file was discovered last year. It was designed to steal cryptocurrency and inject manipulated results into popular sites such as Google, Yandex, and Wikipedia. The surprising thing is that, even a year after its discovery and several reports of the attack, there is hardly any confirmed solution to the crypto malware.

Watch me

The malware, while not completely original, has been noticed for its creativity and perfected obscurity: it lies unseen, right under the nose of an eager movie watcher. As is common these days, the malicious file was found waiting among the host of torrented and pirated movies on the notorious website The Pirate Bay.


This is not the first time that malware of any sort has been found on the popular torrent site; as a matter of fact, The Pirate Bay itself was widely accused of secretly mining cryptocurrencies with its users’ computers last year. However, the new method of infiltration (hail the Trojan Horse) employed by this simple malware, together with the astonishingly high number of malicious activities associated with it, is definitely interesting.

The malware had surely been lying there for some time before a security researcher known as 0xffff0800 discovered it. The expected wonderful movie (not so great if you are not a cypherpunk) is the hacker film The Girl in the Spider’s Web (official trailer). Earlier in the year, the researcher with the hex name reportedly found a .LNK shortcut file nestled within the downloaded files, and its suspicious icon drew his attention. A careful run through the VirusTotal antivirus scanning service revealed some interesting results, some of them intentionally false in a bid to shroud the main effects.

More in-depth research has, however, uncovered some details about the hacker thriller poised to steal your cryptocurrencies.

The Hackers Poison

The .LNK file is said to execute a PowerShell command which surreptitiously extracts a script from the shortcut. According to BleepingComputer, the malware is a lot more sophisticated than previously believed, and the initially discovered injection of ads into Google and Yandex search results is the least of the problems.
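A defender can triage a finished download for this kind of shortcut before opening anything. The following is an added example, not code from the article or from the researcher: it identifies Shell Link files by their header and flags those that name a script interpreter or are unusually large. The interpreter watch list, the size ceiling and all function names are assumptions.

```python
import sys
from pathlib import Path

# A Shell Link starts with HeaderSize 0x4C and the LinkCLSID
# 00021401-0000-0000-C000-000000000046 (20 bytes in total).
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
INTERPRETERS = ("powershell", "cmd.exe", "mshta", "wscript")  # assumed watch list
MAX_PLAIN_LNK = 4096  # assumed ceiling in bytes for an ordinary shortcut


def is_shell_link(data: bytes) -> bool:
    """Identify a shortcut by its header, not by its (hidden) extension."""
    return data.startswith(LNK_MAGIC)


def triage_lnk(data: bytes) -> list[str]:
    """Return the reasons a shortcut deserves a closer look (empty if none)."""
    if not is_shell_link(data):
        return []
    low = data.lower()  # lowercases ASCII letters, also inside UTF-16LE text
    reasons = []
    for word in INTERPRETERS:
        if word.encode("ascii") in low or word.encode("utf-16-le") in low:
            reasons.append(f"names interpreter: {word}")
    if len(data) > MAX_PLAIN_LNK:
        reasons.append(f"oversized: {len(data)} bytes, room for an embedded script")
    return reasons


def scan_tree(root: str) -> dict[str, list[str]]:
    """Check every file under root (e.g. a finished torrent download)."""
    findings = {}
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        with path.open("rb") as fh:
            if not is_shell_link(fh.read(len(LNK_MAGIC))):
                continue  # real media files are skipped without loading them
            fh.seek(0)
            reasons = triage_lnk(fh.read())
        if reasons:
            findings[str(path)] = reasons
    return findings


def constructed_lnk(arguments: str, padding: int = 0) -> bytes:
    """Constructed sample: 76-byte header, UTF-16LE arguments, filler bytes."""
    return LNK_MAGIC.ljust(76, b"\x00") + arguments.encode("utf-16-le") + b"\x00" * padding


if __name__ == "__main__":
    for path, reasons in scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(path, "->", "; ".join(reasons))
```

A hit is a reason to inspect the shortcut's target and arguments in a sandbox, not proof of infection; a clean result does not prove the download is safe.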

While the malware targets Google’s search results by manipulating the top results displayed as required, it also collects fake donations on Wikipedia pages. Once the malware is activated, an ad banner appears on the Wikipedia page announcing Wikipedia’s new policy of accepting digital currencies as donations. The Bitcoin and Ethereum addresses given are also part of a more elaborate plan to replace any wallet addresses found on the web page with the scam ones: a substitution that is less likely to be noticed given the length and randomness of a wallet address.

Users have been warned against getting movies from torrent trackers, which in the long run might cost them more than a few hours of entertainment.
