Malicious Torrent File Malware Threatens Crypto Addresses


A new malware has been caught lately that proves its capability to alter the users’ crypto addresses or steal the cryptocurrencies through a link on the Pirate Bay, the most popular torrent tracker. The malware is found to hit the Windows operating system by disabling the Windows Defender. The torrent file malware possesses the ability to redirect all the cryptocurrency payments from the infected devices and trips a chain of other malicious activities on the victim’s computer.

It is found that the torrent file malware victimizes those who are inexperienced with the Pirate Bay site or are fast clickers who click on the links overlooking them. The initial detection revealed over 2000 seeders. Basically, the malware victimized those who visited the link of the movie ‘The Girl in the Spider’s Web’ which is just a movie about a hacker.

The initial updates on the torrent file malware threatening the crypto addresses was revealed through a twitter handle “@0xffff0800” who was the first to discover the file and noticed that in place of the movie, there was an .LNK shortcut having low detection rate.

Not only the crypto addresses are threatened but once the malware gets installed in your device, it will affect other websites such as the Wikipedia or Google Search results. The torrent file malware injects a JavaScript code to some websites. In case of Google, the search results are all fake attacker promoted links while in Wikipedia, fake banner promoting cryptocurrency donations are seen. Once the victim clicks on the links, his/her cryptocurrencies will get transferred to the attacker’s wallet.

Initially, it was thought that malware is the most famous CozyBear Malware that first attacked in the year 2008. But later BleepingComputer dismissed the assumptions and stated it to be just an.LNK shortcut.


Please enter your comment!
Please enter your name here