• Watch out those movie downloads could actually just be vicious n

    From TechnologyDaily@1337:1/100 to All on Mon Aug 26 19:30:05 2024
    Watch out those movie downloads could actually just be vicious new Windows malware

    Date:
    Mon, 26 Aug 2024 19:25:00 +0000

    Description:
    Hackers are once again hiding malware in pirated movie files, this time targeting Windows users.

    FULL STORY ======================================================================

    Be careful when looking for pirated movies online - experts have warned that many files are out there just to infect your Windows PC with dangerous malware
    and infostealers.

    Cybersecurity researchers from Mandiant have recently discovered a new
    malware dropper, infecting victims with Lumma Stealer, Hijack Loader, and CryptBot.

    Lumma, for example, is a known piece of malware that's been extensively
    covered by the media. It is capable of grabbing passwords stored in popular browsers, cookies, credit card information, and data related to
    cryptocurrency wallets. Lumma is offered as a service, for a subscription fee ranging between $250 and $1,000.

    Downloading malware

    The dropper is dubbed PEAKLIGHT. It appears to be brand new, and works as a memory-only dropper: "This memory-only dropper decrypts and executes a PowerShell-based downloader," Mandiant said in a technical write-up.

    The researchers saw the dropper in .ZIP archives on the internet, pretending to be pirated movies. These archives contained a Windows shortcut file (.LNK) which, when run, connects to a content delivery network (CDN) hosting obfuscated, memory-only JavaScript.

    "PEAKLIGHT is an obfuscated PowerShell-based downloader that is part of a multi-stage execution chain that checks for the presence of ZIP archives in hard-coded file paths," Mandiant added. "If the archives do not exist, the downloader will reach out to a CDN site and download the remotely hosted archive file and save it to disk."
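
    The delivery format described above (a "movie" ZIP whose payload is a Windows shortcut) can be triaged before anything is opened. The following is an added example, not code from the article or from Mandiant: it flags shortcut files inside an archive by extension and by the Shell Link header bytes, so a renamed shortcut is still caught. The function names, the media-extension list and the "shortcuts but no video" heuristic are assumptions made for illustration.

```python
import io
import zipfile

# Shell Link (.LNK) files start with HeaderSize 0x0000004C followed by the
# LinkCLSID 00021401-0000-0000-C000-000000000046 (MS-SHLLINK header).
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")
MEDIA_EXTS = (".mp4", ".mkv", ".avi", ".mov", ".wmv")  # assumed list


def triage_zip(data: bytes) -> dict:
    """Report shortcut files inside a ZIP, by extension and by content."""
    shortcuts, media = [], []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename.lower()
            with zf.open(info) as fh:
                head = fh.read(len(LNK_MAGIC))  # read only the header bytes
            if name.endswith(".lnk") or head == LNK_MAGIC:
                shortcuts.append(info.filename)
            elif name.endswith(MEDIA_EXTS):
                media.append(info.filename)
    return {
        "shortcuts": shortcuts,
        "media": media,
        # Assumed heuristic: a "movie" archive with shortcuts and no video.
        "suspicious": bool(shortcuts) and not media,
    }


def build_sample(members: dict) -> bytes:
    """Build an in-memory ZIP from {name: bytes} (constructed test input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()


if __name__ == "__main__":
    fake_lnk = LNK_MAGIC + b"\x00" * 56  # constructed: header bytes only, no target
    lure = build_sample({"Movie.2024.1080p.lnk": fake_lnk})
    renamed = build_sample({"Movie.2024.1080p.mp4": fake_lnk})
    benign = build_sample({"clip.mp4": b"\x00\x00\x00\x18ftypmp42"})
    for label, blob in (("lure", lure), ("renamed", renamed), ("benign", benign)):
        print(label, triage_zip(blob))
```
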

    Pirated content, including movies, music, software, and books, has been used to distribute malware for years. During the Covid lockdowns, as people were stuck inside and looking for ways to kill the time, many turned to pirated content - and hackers took advantage, distributing cryptocurrency-mining malware via fake film torrents.

    The movie John Wick: Chapter 3 - Parabellum, which was a blockbuster hit at the time, was one of the movies used to distribute malware.

    Via The Hacker News



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/watch-out-those-movie-downloads-could-actually-just-be-vicious-new-windows-malware


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)