As per the details shared by Computer Magazine Bleeping Computer, movie file from torrent website The Pirate Bay (TPB) consists of malware that can handle web pages and replace Bitcoin (BTC) and Ether (ETH) addresses.
The malware was previously thought to inject advertising on Google and search results. Moreover, it succeeded in some of its operations which were found by the publication's own researcher Lawrence Abrams.
“What appeared to be an ad-injector into the main Google search page turned out to be only the tip of the iceberg,” the researchers alerted.
The file consisting of malicious code is available as a movie file on TPB, particularly for the movie The Girl in the Spider's Web.
Actually, including ads and manipulating search results to display certain links first, the malware was capable to interchange crypto wallet addresses for ones owned by the attacker. This only happens when the users on windows utilize the copy+paste function and such issues were noted earlier on other malware as well.
"This method will not display any sign which could alert the user of the trick", Bleeping Computer stated: “Because the wallets are a large string of random characters, most users will likely not notice the difference between what they expected to copy and the pasted result.”
Some of the things which can be easily noticed include the fake banner which appears on the Wikipedia welcoming users to transfer BTC and ETH to particular addresses.
Crypto related malware entered in 2018 despite the performance of the crypto market was not up to the mark. Also, bitcoin and various other digital currencies were performing below the level. According to one of the reports in September 2018, the crypto malware and cryptojacking risks have been increased to 500% as compared to the last year.
A week back, one of the latest research claimed that around 4-5% of the altcoin Monero (XMR) in circulation is actually mined using malware. The total amount is equal to $56 million in profits, guardians of the statistics said.