The pirate streaming sites for movies used by millions users. The Microsoft says that during this time, this phenomenon is even more common due to forced confinement. But cybercriminals are taking advantage of this situation to contaminate. victims with malware delivered through fake movie torrents.
"As lockdown continues in many parts of the world, attackers are paying attention to the increasing use of pirates. streaming sites and torrent downloads, ”said the Microsoft research team.
Fake movies install coin miners in memory
The attackers behind this campaign are mainly targeting household users from Spain and some South American countries. Their goal is installing a coinminer in the memory of the compromised device.
The malicious one VBScript is "camouflaged" using popular Hollywood movies such as: John Wick: Chapter 3 - Parabellum and is delivered using filenames such as "John_Wick_3_Parabellum" and "contagio-1080p", as well as Spanish titles: "Punales_por_la_espalda_BluRay_1080p", "La_hija_de_un-dejo -ra" and ".
If victims run VBScript on their computers, the installation of other malicious payloads in the background, with abuse living-off-the-land binaries (LOLbins), as legal tool command-line BITSAdmin.
One of these additional malware is one AutoIT script which decodes a second-stage DLL in memory of the infected computer, which will then load a third DLL that imports cryptocurrency mining code.
"The use of torrent downloads is in line with our observation that intruders are re-using old techniques to take advantage of the current crisis," Microsoft added.
Oscar-winning films are also being used as baits for phishing attacks
Of course, this is nothing new. Popular movies and TV shows are often used as baits for social engineering. Many times, the hackers promise movie previews on pirated streaming sites, while actually infecting victims' computers with malware.
"To avoid being deceived, do not use pirated streaming sites, but legally, to ensure that you can enjoy a nice night in front of the TV without having to worry about various threats," said the researchers.