Torrented Movie File Found With Crypto Stealing Virus

A security website reported that a package of extensive exploits found in a fake copy of a torrented movie falsified search results and redirected cryptocurrency payments.

The exploit suite was found in a fake copy of the movie The Girl in the Spider’s Web and targets the Windows operating system only. While very robust, the exploit only catches fast-clickers, because the malicious file is not a media file type at all but a .LNK shortcut. BleepingComputer reports that, according to security experts, “weaponized .LNK files are common in pirated content.”
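A defender-side check for the disguise described above, as an added example that is not from the original report: it identifies Windows shortcut files by their header bytes rather than by name and flags any that carry a movie-style name. The extension list and the result labels are assumptions of this example.

```python
import struct
from pathlib import Path

# Shell Link header (MS-SHLLINK): HeaderSize 0x0000004C, then LinkCLSID
# 00021401-0000-0000-C000-000000000046 in little-endian GUID byte order.
LNK_HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
# Assumption: extensions treated as "looks like a movie" for this example.
MEDIA_EXTS = {".mp4", ".mkv", ".avi", ".mov", ".wmv"}


def is_shell_link(head: bytes) -> bool:
    """True if the first 20 bytes are a Windows shortcut header."""
    if len(head) < 20:
        return False
    (size,) = struct.unpack_from("<I", head, 0)
    return size == LNK_HEADER_SIZE and head[4:20] == LNK_CLSID


def classify(path: Path) -> str:
    """Label a file by content first, then by what its name claims."""
    with path.open("rb") as fh:
        head = fh.read(20)
    claims_media = any(s.lower() in MEDIA_EXTS for s in path.suffixes)
    if is_shell_link(head):
        # Explorer hides the trailing .lnk, so "film.mkv.lnk" shows as "film.mkv".
        return "shortcut-posing-as-media" if claims_media else "shortcut"
    return "media-name" if claims_media else "other"


def scan(directory: Path) -> list[Path]:
    """Return files under directory that are shortcuts with a media-style name."""
    return sorted(p for p in directory.rglob("*")
                  if p.is_file() and classify(p) == "shortcut-posing-as-media")


if __name__ == "__main__":
    import sys
    for hit in scan(Path(sys.argv[1] if len(sys.argv) > 1 else ".")):
        print(f"SUSPICIOUS: {hit} is a .LNK shortcut, not a video")
```

Run it against a downloads folder before opening anything in it; a genuine video file never begins with the shortcut header.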

The file opens many attack vectors, one of which produces fake ads and search results on Google and Yandex. It does this by hijacking both the Chrome and Firefox browsers and downloading the extensions it needs to function. Searches for terms such as “spyware” are redirected to custom, fake anti-spyware software, which is in fact yet more malicious software.

Wikipedia has also been targeted in the same way. Sometimes, on visiting the site, a fake donation box is injected into the page, presenting bitcoin and ether addresses (neither seems to have phished much coin).

The exploit specifically targets crypto, too, by scanning websites for crypto addresses and replacing them with the attackers’ own addresses. The user, in most cases, does not even notice anything and copies the wrong address into a transaction field. To protect themselves from these attacks, users are always advised to double check the addresses they’re sending funds to.

Security has been a recurring problem for cryptocurrency. This has also resulted in the introduction of many strict rules, guidelines, and regulations for handling and managing digital assets. While the vulnerability of South Korean exchanges persists, reports also show that a mere 16% of the top 135 crypto asset exchanges got top marks on security.