Bobos & Wojaks

Get rich or die tryin

‘Spider-man: No Way Home’ Illegal Copies Infested With Crypto Mining Malware


People attempting to download an unauthorised copy of “Spider-Man: No Way Home” are in for a rude awakening, since versions on “torrent” sites that link to illegal copies of movies were discovered to include a constant cryptocurrency miner as an unwelcome extra.

According to Reason Cybersecurity Ltd. researchers, the unauthorised versions of the latest Spider-Man instalment incorporate a new variation of a previously known strain of malware. The spyware, called “Spiderman,” is described as a version of malware that previously masqueraded as popular software such as “Windows updater” and “Discord app.”

The malware crypto miner has the ability to add Windows Defender exclusions. It also includes a “watchdog method” to ensure consistency. The researchers explain that when the virus is first started, it will kill any process with the name of one of its components to ensure that only one instance is operating at any one time. The crypto mining virus then launches two new processes: Sihost64.exe and WR64.exe.

“It’s been highly typical for threat actors to attach crypto miners and other malware to popular torrent files for over a decade,” said Jasmine Henry, field security director at JupiterOne Inc., a cyber asset management and governance solutions provider. “Security teams should examine company acceptable usage policies and educate employees on a regular basis that illicit peer-to-peer file sharing at home or on work devices poses serious security threats.”

“Someone wanting to implant malware, using a delivery system where users are less likely to reach out for ‘technical support’ if something seems off or even admit to peers or family that their computer might be acting strange, gives an increased chance of my malware executing in the first and, once it does, a lower risk of it being discovered and removed,” said Casey Ellis, founder and chief technology officer at crowdsourced security platform company Bugcrowd Inc.


According to Sean Nikkel, senior cyber threat intelligence analyst at digital risk prevention firm Digital Shadows Ltd., putting a crypto miner or similar malware in a tempting file, such as the new Spider-Man film or other trendy media properties, is nothing new.

“There are certainly many genXers and millennials who recall downloading random files from strangers on Kazaa and Limewire in pursuit of uncommon or free MP3 or video files and ending up with a Trojan or similar nastiness,” Nikkel said. “Unfortunately, the strategy was carried over into the Torrent world.” Many individuals have downloaded the erroneous file, thinking it was a popular movie, TV show, or fresh remix.”