The Microsoft Security Intelligence team stated that the company has detected a large number of hackers spreading malware through using pirate streaming services and torrent downloads.
The main reason for this sudden increase is that new coronaviruses have been outbreaking around the world, people are forced to stay at home and the number of downloads of pirated content has soared.
The hackers obviously also noticed this situation, so they used a fake torrent download to hide the virus. After downloading, users may be loaded with mining modules by hidden malicious scripts.
With lockdown still in place in many parts of the world, attackers are paying attention to the increase in use of pirate streaming services and torrent downloads. We saw an active coin miner campaign that inserts a malicious VBScript into ZIP files posing as movie downloads.
— Microsoft Security Intelligence (@MsftSecIntel) April 28, 2020
Initially, the Microsoft Security Intelligence team only detected such an increase in Spain, but then many countries in South America also experienced very similar situations.
At present, this situation may continue to spread with streaming services and torrent downloads links, and more and more users will become a victim without knowing it. Similar to most mining malware, these mixed mining programs are mainly used to mine crypto coins.
At this stage, Microsoft has not detected other malicious behaviors, but mining crypto coins may make the user’s computer run significantly slower and increase power consumption.
After the outbreak of new coronaviruses, global streaming content traffic surged, and the number of users and viewing time of websites such as YouTube and Netflix also doubled.
At the same time, the number of downloads of pirated content has continued to increase. These are due to people being forced to isolate at home and only spend boring time through online content.