When downloading illegal media, there's always a risk that you'll end up downloading more than you bargained for. Malware developers love to attach their malware to fake media files to trick people into downloading them.
Now, a new attack called Peaklight is going viral and targeting people who download movies illegally.
What is Peaklight?
Peaklight is a malicious application – but it can’t cause any damage on its own. Instead, it acts as a downloader that installs damaging processes onto your PC. If you imagine Peaklight as a gun and the bullets it fires as malware, you’ll get an idea of what it does.
Google has reported that Peaklight attacks on people's systems have increased dramatically. And unfortunately for copyright violators, it specifically targets people who want to download movies illegally.
How does the Peaklight attack work?
The Peaklight downloader gets into people’s systems using a sneaky trick. A malicious actor uploads an LNK file with a custom icon disguised as a movie file. The LNK file itself is not malicious, but the malware publishers can program it to perform malicious actions. In this case, the LNK file is programmed to open PowerShell and use it to download Peaklight.
Once the malicious agent sets up the trap, it's time for them to wait for someone to trigger it.
Victims of pirated movie downloads
The attack starts when someone searches online for a movie to illegally download. They visit a website that performs an automatic download, and then the Peaklight attack is injected into their system as a ZIP file.
Inside the ZIP file is an LNK file disguised as a movie file. The victim may believe they have downloaded the movie they are looking for and double-click the file to open the "movie". This will trigger the script in the LINK file.
Victim activates downloaded LNK file
Now that the LNK file is active, it will open PowerShell and issue a command to download Peaklight. It uses special tactics to confuse anti-virus applications to hide its purpose.
Peaklight runs entirely in the computer's memory to hide its tracks, rather than running in the target's memory. This is a particularly effective trick the malware uses to make itself harder to detect, as the system's antivirus software must actively scan the RAM to detect Peaklight's presence.
Peaklight downloads its payloads to the target PC
When Peaklight runs on a target PC, it does a quick check to see if the payloads are installed. If not, it starts downloading and running malicious services. Google found it downloading LUMMAC.V2, SHADOWADDER, and CRYPTBOT, all of which are focused on stealing information like cryptocurrency wallets.
How to avoid getting infected with Peaklight
Unfortunately, pirating movies and software online is dangerous, not to mention illegal. There are many malicious actors on the Internet who aim to exploit people searching for popular movies online and trick them into downloading malicious files. So, if you’re not pirating, you’ll want to stay away from Peaklight.
Even if you don't download illegal files, this is a good lesson in how to handle automatic downloads. If you visit a website and find that it automatically downloads something to your computer without your permission, proceed with extreme caution.
Sometimes automatic downloads are perfectly safe. For example, if you find a PDF file in a Google search and click the link, your browser may automatically download the file to your hard drive. However, if the downloaded file contains something you can execute or run, it's best to delete it.
The Peaklight malware is particularly dangerous because it targets people looking for an easy way to get a free movie. If you're worried about your system being infected with malware, always enjoy media through legal means and make sure anyone else who uses your PC does the same.
Tired of Microsoft Teams "Unexpected Error" crashing your startup? Follow our step-by-step guide with the latest fixes for Solving Microsoft Teams "Unexpected Error" Startup. Get back to productive meetings in minutes!
Frustrated by Microsoft Teams "For Linux" installation error? Discover proven, step-by-step solutions for Ubuntu, Debian, Fedora & more. Fix it fast and get seamless collaboration now!
Struggling with Microsoft Teams "Password Error" because you forgot your password? Follow our step-by-step guide on how to fix Microsoft Teams password error forgot issues quickly and securely. No tech skills needed!
Struggling with Microsoft Teams "Image Error" in chat? Discover proven step-by-step troubleshooting tips to resolve image display issues fast. No more frustration—get your chats working smoothly today!
Tired of the frustrating Microsoft Teams "Free" Subscription Error blocking your meetings? Discover proven, step-by-step solutions to resolve it fast and restore smooth teamwork. Works on latest versions!
Struggling with Microsoft Teams "Web App" Browser Error? Discover proven, step-by-step solutions to resolve it fast. Clear cache, update browser, and more for seamless Teams web app access. Works on latest browsers!
Struggling with Troubleshooting Microsoft Teams Group Chat Not Loading? Discover proven, step-by-step fixes for the most common issues to get your chats loading smoothly again. Quick wins for desktop, web, and mobile.
Tired of Microsoft Teams proxy error blocking your calls? Discover simple, step-by-step fixes to resolve proxy connection issues instantly. No tech expertise required – get back to seamless teamwork!
Tired of Microsoft Teams "Time Limit" Error crashing your meetings? Follow our proven, step-by-step guide to fix it quickly—update app, clear cache, and more for seamless collaboration. Works on latest versions!
Facing Microsoft Teams Layout Error after the latest update? Discover proven step-by-step fixes to resolve layout glitches, restore perfect UI, and boost productivity fast. No tech skills needed!
Struggling with Microsoft Teams "Error K" Security? Follow our step-by-step guide to fix it quickly—no tech expertise needed. Get back to seamless collaboration today!
Struggling with Microsoft Teams Update Error 0x80070002? Discover step-by-step fixes to resolve it quickly. Clear cache, repair files, and get back to seamless updates today!
Tired of Microsoft Teams "Web Error" blocking your browser login? Follow our step-by-step guide with proven fixes to resolve Teams web login issues fast and securely. Get back to work!
Stuck with Microsoft Teams "Error O" Offline? Discover proven, step-by-step fixes to get back online fast. Clear cache, restart, and more – no tech skills needed!
Frustrated by the missing Microsoft Teams icon in Outlook? Learn exactly where to find it, why it disappears, and proven steps to restore it for effortless meetings. Updated for the latest versions!
