Many people are downloading an illegal version of Ariana Grande’s latest CD. The file hides a trojan virus capable of stealing bank credentials
There is no better way to spread a virus on the Web than injecting it inside software or multimedia content that millions of people would like to download from the Internet, possibly for free. And, in fact, this is exactly the stratagem chosen by hackers to spread a trojan that steals your banking credentials. The content in question is “Thank U, Next”, the latest album by Ariana Grande.
The news that a pirated version of the last artistic work of the American singer is infected and the malware is already running. The infection happens through a compressed file in WinRAR format, named “Ariana_Grande-thank_u,_next(2019)_[320].rar”, illegally downloadable from many torrent sites. It is possible that other renamed versions of this file are already circulating after the news spread. According to Check Point researchers, the potential victims of this attack could be up to 500 million.
Why you should not illegally download Ariana Grande’s album
It would be a fairly new trojan, so much so that only 21 out of 69 leading antivirus engines would be able to detect it. In reality, however, this malicious code exploits a 19-year-old WinRAR vulnerability, which is why the company rushed to release a patch to patch this flaw in .rar files, including the one of Ariana Grande’s pirated album. Users who have updated WinRAR to version 5.70 should be protected, while others are not. There are about half a billion WinRAR users worldwide, hence the calculation of potential victims of this banking trojan
The mechanism of the virus spread involves that once the compressed file containing pirated songs is extracted, a file called hi.exe is created inside the Windows Start menu folder. Upon the first reboot of the PC this file is executed and launches the infection. Considering that Ariana Grande has a huge and global audience, it is easy to understand how the choice of hackers is not random at all. The single “Thank U, Next”, published on YouTube on November 30, 2018, currently has over 340 million views. Ariana Grande is also the first female artist in Spotify’s history with no less than three albums that have surpassed 2 billion streams.