Microsoft has issued a warning over new dangers associated with streaming and downloading movies illegally, having identified a fresh malware campaign that targets would-be pirates.
Illegal streaming and torrenting sites have experienced a significant upturn in traffic since lockdown measures were introduced across the globe, as people seek out economical ways to stave off boredom.
In a Twitter thread, Microsoft explained that hackers are capitalising on this spike in piracy, distributing malicious cryptocurrency-mining malware via fake film torrents.
The issue is reportedly most prevalent in Spain, with popular local titles such as La hija de un ladrón and Lo dejo cuando quiera used to infect unwitting victims. But hackers are also using English language blockbusters – such as John Wick: Chapter 3 – Parabellum – to spread the mining malware.
Torrenting is a type of peer-to-peer file sharing that sees multiple individuals offer up their files to facilitate a download, as opposed to the recipient relying on a single file source. While the practice is technically legitimate, torrents are most famously used to circulate pirated films, series and music – and sometimes malware.
“With lockdown still in place in many parts of the world, attackers are paying attention to the increase in use of pirate streaming services and torrent downloads,” said the Twitter thread from Microsoft Security Intelligence.
“We saw an active coin miner campaign that inserts a malicious VBScript into ZIP files posing as movie downloads…We’re seeing the campaign affecting a wide range of customers, from home users to enterprises,” the firm added.
Once the crypto-mining malware has infected the target machine, it runs indefinitely in the background, siphoning processing power and internet bandwidth. The only indication of its presence is a slowdown in computer performance.
While the malware does not appear to be circulating on the most popular torrenting websites (such as Pirate Bay) and the campaign has not yet arrived in English-speaking territories, users are nonetheless advised to proceed with caution.