Fake Movie injects malicious content into high profile sites

[silversurfer]

A malicious Windows shortcut file disguised as a movie on The Pirate Bay torrent tracker is capable of injecting malicious content from the attacker into high-profile websites as well as for stealing cryptocurrency.

A security researcher who goes by the twitter handle 0xffff0800 discovered the malware masquerading as a video file for the movie  “The Girl in the Spider’s Web” that was actually a .LNK shortcut that executed a PowerShell command.

The researcher shared samples of the malware to Bleeping Computer’s Lawrence Abrams who further analyzed samples and learned the malware is capable of poisoning Google, Wikipedia, Yandex and other high profile search sites, according to a. Jan. 12 blog post.

On Google, for example, the malware could inject malicious search result onto a user’s page so that the attacker’s promoted content appear at the top of a user’s results.

Source: https://www.scmagazine.com/home/security...ile-sites/