A miner with a side of RAT: the unintended gift with your TV show or book

A cybercrime campaign active since at least 2022 has been distributing cryptocurrency miners and RAT malware through illegal streaming sites and digital libraries. Victims are tricked via fake video player plugin updates or browser crash pages into downloading ZIP archives containing legitimate executables and malicious DLLs. The malware employs DLL side-loading, establishes persistence through Windows services, and deploys multiple components including XMRig-based CPU miners, GPU miners, a watchdog module, and a RAT agent with remote control capabilities. The campaign leverages highly popular pirated content sites with monthly traffic reaching up to 40 million visits, significantly expanding the potential victim pool. The malware includes sophisticated anti-detection features, DNS tunneling for command-and-control, and domain generation algorithms based on dates.

Pulse ID: 6a181f75cd4fa08fe38dfc48
Pulse Link: https://otx.alienvault.com/pulse/6a181f75cd4fa08fe38dfc48
Pulse Author: AlienVault
Created: 2026-05-28 10:56:53

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #CyberCrime #CyberSecurity #DNS #InfoSec #Malware #OTX #OpenThreatExchange #RAT #WatchDog #Windows #ZIP #bot #cryptocurrency #AlienVault

#GiftArticle

How #PredictionMarkets & #Crypto Firms Steamrolled a #Watchdog Agency With Trump’s Blessings

Last fall, a high-stakes struggle unfolded inside the red brick walls of an obscure federal agency.

Three companies — each with ties to the #Trump family’s business empire — needed the Commodity Futures Trading Commission [#CFTC] to bless their ambitions in the white-hot field of prediction markets.

#law #business #oversight #regulation #fraud #kleptocracy
https://www.nytimes.com/2026/05/24/us/how-prediction-markets-and-crypto-firms-steamrolled-a-watchdog-agency.html?smid=nytcore-ios-share