
Bitdefender reports that some torrents of One Fight After Another currently available online include PowerShell scripts and image collections that, when executed, create a memory-resident command-and-control (C2) agent. Users who download the torrent are expecting a video file, but what they actually get is a remote access trojan (RAT) dubbed Agent Tesla.
Simply put, the file can give hackers complete access to your computer, letting them steal all kinds of personal and financial data. Or they may use your computer to infiltrate other computers.
Bitdefender’s post explains, “The Agent Tesla RAT itself is not new, but the deployment of persistent attack methods leveraging PowerShell and other LOTL (Living off the Land) tools is extremely interesting.” “To our knowledge, this particular type of attack has only been used in this torrent download.”
Once the user has downloaded the torrent folder, they are directed to open CD.lnk to launch the movie. The malicious scripts are hidden inside the subtitle file, labeled part2.subtitles.srt, and are executed when the user attempts to open the movie. According to Bitdefender, the subtitle file does contain real subtitles, but lines 100 to 103 contain batch code that launches the attack on the user’s computer.
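As an added example (not Bitdefender's code and not part of the original article), here is a minimal Python check for the pattern described above: it walks a .srt file and reports cue-text lines that look like batch or PowerShell commands. The token list is an assumed heuristic, and the sample file is constructed, with harmless stand-in commands placed at lines 100 to 103.

```python
import re

# Assumed heuristic (not Bitdefender's signatures): tokens typical of batch or
# PowerShell command lines that have no place in ordinary subtitle dialogue.
SUSPICIOUS = re.compile(
    r"(?i)(^\s*@echo\s+off\b|\bpowershell(\.exe)?\b|\bcmd(\.exe)?\s+/c\b"
    r"|\b(certutil|bitsadmin|mshta|rundll32)\b)"
)
# SRT timing line, e.g. "00:00:01,000 --> 00:00:01,900"
TIMING = re.compile(r"^\d{2}:\d{2}:\d{2},\d{3}\s+-->\s+\d{2}:\d{2}:\d{2},\d{3}")


def scan_srt(text):
    """Return [(line_number, line)] for cue-text lines that look like commands."""
    hits = []
    for no, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        # Skip structural lines: blanks, cue indexes and timing lines.
        if not stripped or stripped.isdigit() or TIMING.match(stripped):
            continue
        if SUSPICIOUS.search(stripped):
            hits.append((no, stripped))
    return hits


def build_sample():
    """Constructed sample: 25 ordinary cues, then harmless stand-in commands
    at lines 100-103 to mirror the layout the article describes."""
    out = []
    for i in range(1, 26):
        out += [str(i), f"00:00:{i:02d},000 --> 00:00:{i:02d},900", f"Dialogue line {i}"]
        if i < 25:
            out.append("")  # blank separator between cues
    out += [
        "@echo off",
        "cmd /c echo constructed-sample",
        'powershell -NoProfile -Command "Write-Output constructed-sample"',
        "cmd /c exit /b 0",
        "",
    ]
    return "\n".join(out)


if __name__ == "__main__":
    for no, line in scan_srt(build_sample()):
        print(f"line {no}: {line}")
```

A hit is a reason to inspect the file, not proof of infection; dialogue that happens to mention one of these tokens will also be flagged.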
Hiding malicious code in subtitle files has been a known method of deploying malware since at least 2017, but these specific methods are new. Bitdefender notes that Agent Tesla has been distributed in the past through email phishing attempts in 2023 and through COVID-19 vaccination registration information in 2021.
Experienced media pirates are unlikely to fall for this attack, since there is no need to execute an unfamiliar program to watch a movie; pirated films are typically distributed as file types such as .mp4 and .mkv. According to Bitdefender, this torrent is “directed at novices who do not frequently download pirated content or do not understand the dangers of torrents”, which makes sense given the hype surrounding this film. A film this popular is likely to be downloaded by novice pirates just looking for a free way to check it out.
The film was directed by Paul Thomas Anderson and stars an incredible cast including Leonardo DiCaprio, Sean Penn, Regina Hall, Benicio del Toro, Teyana Taylor, and newcomer Chase Infiniti. The New York Film Critics Circle named it the best film of the year. The film received nine nominations at the London Critics Circle Film Awards, which were announced on Monday, the most of any film. And it’s expected to make a splash during the next Academy Awards ceremony in March.
HBO Max also announced on Monday that the film will stream on the platform starting December 19. So there is no excuse not to stream the movie, especially when the torrent can turn your computer into a malware-infected zombie.