Unlawful Downloads of ‘One Battle After One other’ Include Harmful Malware

One Battle After One other has been hailed as top-of-the-line films of the yr, producing Oscar buzz in each main class. However if you happen to’re hoping to observe the movie at dwelling, it’s greatest to keep away from unlawful downloads, significantly on this case. Safety researchers have found malware in some torrents of the film that may flip any Home windows PC right into a zombie agent.

Bitdefender reports that some torrents of One Battle After One other at the moment out there on-line comprise PowerShell scripts and picture archives that, when executed, construct a memory-resident command-and-control (C2) agent. Customers who obtain the torrent information predict a video file, however they’re really getting a Distant Entry Trojan (RAT) that’s been dubbed Agent Tesla.

Put merely, the file can provide hackers full entry to your laptop the place they’ll steal every kind of non-public and monetary information. Or they’ll use your laptop to infiltrate different computer systems.

“The Agent Tesla RAT itself shouldn’t be novel, however the deployment of consecutive assault strategies leveraging PowerShell and different LOTL (Dwelling Off the Land) instruments is extremely attention-grabbing,” the put up from Bitdefender explains. “Based on our insights, this explicit kind of assault has been used solely on this torrent obtain.”

As soon as a person has downloaded the torrent folder they’re directed to open CD.lnk to launch the film. The malicious scripts are hidden contained in the subtitles file, labelled Part2.subtitles.srt, that are executed after the person tries to open the movie. The subtitles file really has actual subtitles, however traces 100 to 103 comprise batch code that begin the assault on the person’s laptop, in accordance with Bitdefender.

Hiding malicious code in subtitles information has been a identified methodology of deploying malware since at the very least 2017, however these particular strategies are new. Bitdefender notes that Agent Tesla has been used previously via electronic mail phishing makes an attempt in 2023 and covid-19 vaccination registration info in 2021.

Skilled media pirates are unlikely to fall for this assault, since executing an odd program is pointless for watching films, that are usually distributed illegally with file sorts that embrace .mp4 and .mkv. This torrent is “directed at novices who don’t usually obtain pirated content material or perceive the risks of torrents,” in accordance with Bitdefender, which is sensible given the hype round this film. One thing this in style is prone to get beginner pirates simply in search of a free approach to test it out.

The movie was directed by Paul Thomas Anderson and has an unbelievable ensemble forged together with Leonardo DiCaprio, Sean Penn, Regina Corridor, Benicio del Toro, Teyana Taylor, and newcomer Chase Infiniti. New York Movie Critics Circle named it greatest image of the yr. The movie picked up 9 nominations on the London Critics’ Circle Movie Awards, which have been introduced Monday, essentially the most of any movie. And it’s anticipated to do exceptionally properly through the subsequent Academy Awards ceremony in March.

HBO Max additionally introduced Monday that the movie can be streaming on the platform beginning Dec. 19. So there’s no excuse to torrent the movie. Particularly when it’d flip your laptop right into a malware-infected zombie.