Fake ‘One Battle After Another’ torrent hides malware in subtitles

A malicious torrent for Leonardo DiCaprio’s ‘One Battle After Another’ embeds PowerShell malware loaders within subtitle files, leading to infection with Agent Tesla RAT. This complex attack chain highlights the risks of pirated movie files and sophisticated malware delivery methods.

Key points

  • The fake torrent for ‘One Battle After Another’ contains malware hidden in subtitle files.
  • Executing the shortcut launches PowerShell scripts that reconstruct multiple malicious payloads.
  • The malware ultimately deploys the Agent Tesla RAT to steal sensitive data from infected devices.
  • The infection chain involves extracting files, creating scheduled tasks, and decoding embedded data.
  • Users are advised to avoid pirated movie files to prevent malware infections via such complex attacks.

Read More: https://www.bleepingcomputer.com/news/security/fake-one-battle-after-another-torrent-hides-malware-in-subtitles/