Movie Virus Hijacks Windows Computers to Steal Cryptocurrencies

A movie virus is on the loose, and it seems to be affecting only computers running on the Windows operating system. The said malware which has reportedly gotten over 2,000 downloads pretends to be a torrented movie, The Girl in the Spider’s Web. However, upon its download, it launches ads on web browsers and falsifies the payment address on websites, a media outlet reports.

Malicious File Gets Downloaded From Torrent Website

Based on findings, the source of the malware is from the torrent site, The Pirate Bay (TPB). TPB has been said to be a popular ground for malicious files of this nature. The details of the event that led to the discovery of the virus file show that a security researcher detected it after he downloaded the said movie on his computer.
Upon scanning the file with an Antivirus software, it only revealed a low-level threat even though the computer had been hijacked. As a result, search engines like Google, Bing, and Yandex on being accessed, automatically displays an advertisement which the attacker is using to monetize.

Virus Attack on Web Addresses

Also, Wikipedia now has a cryptocurrency donation button thanks to the effect of the virus. Therefore, a user upon visiting any of the site’s pages will be prompted with a message that the platform now accepts virtual currencies. They are also encouraged to make donations using either of three payment addresses – Bitcoin and Ethereum that have been displayed.
Asides being an ad-injector, the virus also uses its own payment addresses to replace with any Bitcoin and Ethereum address it finds on websites. Here, these addresses are replaced to that of the attacker, and as such, a user on making a payment will send it to the wrong address.

Malware is a .LNK File Which Executes a PowerShell Command

The video file in question is reportedly a .LNK file which has been used since 2013 in pirated videos. This is a file that executes a PowerShell command whose mode of operation extracts a script from the file and begins to carry out its instructions. Accordingly, operators of torrent sites have been admonished to be careful while on the lookout for free versions of videos.
Crypto-related crimes have been on the increase recently, given that these digital assets have been massively adopted over the past year. Therefore, it is not uncommon to see attacks of this nature. In a recent BTCNN report, SIM swapping is a method used to hack a person’s phone number to steal their digital assets from exchanges.

Related posts
BitcoinBitcoin NewsbtcusdBTCUSDCBTCUSDTNewsxbtusd

Software Giant Palantir Joins the Bitcoin Race, Hints At Gigantic BTC Buy

What do Tesla, Time magazine and WeWork have in common? All companies have, in the last three months, announced either a significant investment in cryptocurrency or a newfound acceptance of it as a means of payment from customers. The most…
cryptocurrencyCryptocurrency NewsebayNewsNFT

NFTs Land Great Feat On eBay

NFTs are everywhere these days. Iconic tweets, digital art, and even memes are being turned into NFTs and sold for everything from a few dollars to millions of dollars each. More and more marketplaces are taking shape to sell NFTs…
cryptocurrencyDOGEdogecoinDOGEUSDElon MuskNewstesla

Dogecoin Blows Hot As ‘Dogefather’ Elon Musk Considers Making DOGE A Payment Option At Tesla

Dogecoin was expected to race to the moon after Elon Musk’s SNL performance, but the asset took the bearish route and dipped until nearly 40% of its value was lost. The crypto went from a high of $0.73 to a…