When downloading illegal media, there's always a risk that you'll end up downloading more than you bargained for. Malware developers love to attach their malware to fake media files to trick people into downloading them.
Now, a new attack called Peaklight is going viral and targeting people who download movies illegally.
What is Peaklight?
Peaklight is a malicious application – but it can’t cause any damage on its own. Instead, it acts as a downloader that installs damaging processes onto your PC. If you imagine Peaklight as a gun and the bullets it fires as malware, you’ll get an idea of what it does.
Google has reported that Peaklight attacks on people's systems have increased dramatically. And unfortunately for copyright violators, it specifically targets people who want to download movies illegally.
How does the Peaklight attack work?
The Peaklight downloader gets into people’s systems using a sneaky trick. A malicious actor uploads an LNK file with a custom icon disguised as a movie file. The LNK file itself is not malicious, but the malware publishers can program it to perform malicious actions. In this case, the LNK file is programmed to open PowerShell and use it to download Peaklight.
Once the malicious agent sets up the trap, it's time for them to wait for someone to trigger it.
Victims of pirated movie downloads
The attack starts when someone searches online for a movie to illegally download. They visit a website that performs an automatic download, and then the Peaklight attack is injected into their system as a ZIP file.
Inside the ZIP file is an LNK file disguised as a movie file. The victim may believe they have downloaded the movie they are looking for and double-click the file to open the "movie". This will trigger the script in the LINK file.
Victim activates downloaded LNK file
Now that the LNK file is active, it will open PowerShell and issue a command to download Peaklight. It uses special tactics to confuse anti-virus applications to hide its purpose.
Peaklight runs entirely in the computer's memory to hide its tracks, rather than running in the target's memory. This is a particularly effective trick the malware uses to make itself harder to detect, as the system's antivirus software must actively scan the RAM to detect Peaklight's presence.
Peaklight downloads its payloads to the target PC
When Peaklight runs on a target PC, it does a quick check to see if the payloads are installed. If not, it starts downloading and running malicious services. Google found it downloading LUMMAC.V2, SHADOWADDER, and CRYPTBOT, all of which are focused on stealing information like cryptocurrency wallets.
How to avoid getting infected with Peaklight
Unfortunately, pirating movies and software online is dangerous, not to mention illegal. There are many malicious actors on the Internet who aim to exploit people searching for popular movies online and trick them into downloading malicious files. So, if you’re not pirating, you’ll want to stay away from Peaklight.
Even if you don't download illegal files, this is a good lesson in how to handle automatic downloads. If you visit a website and find that it automatically downloads something to your computer without your permission, proceed with extreme caution.
Sometimes automatic downloads are perfectly safe. For example, if you find a PDF file in a Google search and click the link, your browser may automatically download the file to your hard drive. However, if the downloaded file contains something you can execute or run, it's best to delete it.
The Peaklight malware is particularly dangerous because it targets people looking for an easy way to get a free movie. If you're worried about your system being infected with malware, always enjoy media through legal means and make sure anyone else who uses your PC does the same.
There are some really outstanding Good Lock modules out there. Some of them have completely changed the way many people use their phones, making them wish they had discovered them sooner.
Compressing PDF files significantly reduces the size of PDF files, making sending files simpler in case the sent file exceeds the size limit in Gmail.
Here are the Grand Piece Online Codes updated as soon as new codes are available. Including new codes and old codes that are still active.
Try to avoid making these mistakes while scrolling on TikTok to keep your FYP in line with your preferences.
If you regularly work with data sets in Excel, you know how important it is to be able to quickly find the information you need.
A critical bug in the W3 Total Cache plugin estimated to be installed on over a million WordPress websites has been discovered that could allow attackers to access a variety of information, including metadata on cloud-based applications.
In a new post on its Tech Community website, Microsoft has announced plans to discontinue WSUS driver synchronization in favor of its latest cloud-based driver services.
The GoodLock app on Samsung smartphones opens up a world of customization features.
The third trimester is often the most difficult time to sleep during pregnancy. Here are some ways to treat insomnia in the third trimester.
What is the phenomenon of the Sun being surrounded by a circle? This article will explain in detail to you the phenomenon of the circle around the Sun.
With the launch of the new generation iPad Mini, Apple has clearly affirmed that “AI-filled” software experiences are the way the company is heading in the future.
TikTok will allow advertisers to pull content from Getty Images when using the platform's AI ad creation tool.
No one likes to see ads, but this is one of the ways social media platforms can monetize the services they provide.
People used to spend a lot of time scrolling through Netflix, overwhelmed by decision fatigue and not knowing what to watch. But after finding the Chrome extension Trim, it completely changed their Netflix experience.
Evade game code allows you to receive important items for free, giving you an initial advantage in your survival journey.
