Google’s cybersecurity company, Mandiant, has detected a new type of malware targeting people who download pirated movies. This virus, called “Peaklight,” exposes those who download illegal movies not only to legal issues in their country but also to serious security risks.
Pirated movie watching isn’t just about legal consequences
According to Mandiant, Peaklight operates stealthily in the computer’s memory, making it difficult to detect. The virus uses a PowerShell-based downloader to install additional malware onto the system. Through this method, cybercriminals can infiltrate the user’s device with dangerous programs like Lumma Stealer, Hijack Loader, and CryptBot.
Malicious actors spread Peaklight by hiding it in ZIP files named after popular movies, which contain Windows shortcut files (LNK). When the user opens this file, a connection to a hidden source is established, and malicious JavaScript code is downloaded and executed. This code activates Peaklight via PowerShell and facilitates the download of other malicious software.
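A defensive triage check for the delivery method described above, added here as an example and not taken from Mandiant's report: it lists the entries of a ZIP archive without extracting them and flags Windows shortcut files, either by the standard Shell Link file header or by the `.lnk` extension. The function names and the sample archive are constructed for illustration.

```python
import io
import zipfile

# First 20 bytes of every Shell Link (.lnk) file:
# HeaderSize 0x0000004C followed by LinkCLSID 00021401-0000-0000-C000-000000000046.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")


def find_shortcuts(zip_bytes):
    """Return sorted (entry_name, reason) pairs for shortcut files inside a ZIP."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            try:
                with archive.open(info) as entry:
                    header = entry.read(len(LNK_MAGIC))
            except RuntimeError:
                header = b""  # encrypted entry: fall back to the name check
            if header == LNK_MAGIC:
                reason = "LNK header"  # catches shortcuts renamed to look like media
            elif info.filename.lower().endswith(".lnk"):
                reason = "LNK extension"
            else:
                continue
            findings.append((info.filename, reason))
    return sorted(findings)


def build_sample_zip():
    """Constructed sample archive: one text file and inert shortcut stand-ins."""
    fake_lnk = LNK_MAGIC + b"\x00" * 56  # header bytes only, no target or arguments
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("Example.Movie.2024/readme.txt", b"constructed sample")
        archive.writestr("Example.Movie.2024/Example.Movie.mp4.lnk", fake_lnk)
        archive.writestr("Example.Movie.2024/trailer.mp4", fake_lnk)
        archive.writestr("Example.Movie.2024/empty.lnk", b"")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in find_shortcuts(build_sample_zip()):
        print(f"{reason}: {name}")
```

A shortcut inside a download that is supposed to contain only video files is worth treating as suspicious before anything in the archive is opened.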
The fact that Peaklight runs in memory makes it harder for traditional antivirus programs to detect. Mandiant researchers Aaron Lee and Praveeth D’Souza highlighted the virus’s complex structure and warned users of its dangers.
Experts emphasize that downloading movies from illegal sources carries significant risks. Users are advised to avoid downloading content from unreliable sources and to use up-to-date security software. Additionally, they should exercise caution before opening suspicious files and, if possible, opt for legal platforms.