Don’t Download Movies from Random Sites, Warns Microsoft


Satya Nadella-led tech giant Microsoft has issued a fresh warning for those internet users who download movies as they could be putting themselves at a major risk.

In a series of tweets, through its Security Intelligence account, Microsoft has explained in detail what it found on the web and how exactly it poses a danger.

Tanmay Ganacharya, director of security research of Microsoft Threat Protection told Cyberscoop, “Lots of people are stuck at home looking to fill time, and not everyone is going to watch only what’s available through [streaming] services,” said. “Attackers use some popular movies as lures. And then they ensure that their malicious payload is part of the overall packages that a user ends up downloading.”

As per Microsoft’s findings, John Wick 3 and Contagion have been among the popular movies that internet users are trying to download. Malicious file names include “contagio-1080p,” “John_Wick_3_Parabellum,” “Punales_por_la_espalda_BluRay_1080p,” and “La_hija_de_un_ladron” and “lo-dejo-cuando-quiera,” according to Microsoft.

As per the Cyberscoop report, an attack starts with hackers disguising a malicious file in the same .zip folder that includes a movie torrent. “When a victim opens a .zip file saved from a piracy site, they also trigger a malicious VBScript, a text file. That VBScript then uses BITSAdmin, a legitimate Microsoft protocol, to download a second-stage component, then tries to inject a coin-mining code into the machine’s memory,” adds the report.

Once the crypto-mining malware affects the machine, it will run in the background “forever” and users won’t be able to notice it unless they check why their computer starts running slowly.

“The campaign, primarily observed in Spain but has also shown up in some South American countries, aims to launch a coin-mining shellcode directly in memory. We’re seeing the campaign affecting a wide range of customers, from home users to enterprises,” said Microsoft in a tweet.


Leave a Reply

Your email address will not be published. Required fields are marked *