VulnHub

Real-time Cybersecurity News

Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years

Securelist
Actively Exploited
MalwareTrojan

Overview

Recent research has uncovered a long-running cybercrime operation targeting fans of pirated books, movies, and TV shows. In 2026, experts identified new websites associated with this gang, attracting tens of millions of visitors. These sites have been linked to malware distribution, including a Remote Access Trojan (RAT) that allows attackers to control infected devices. This situation poses significant risks for users who access these pirated materials, as they may unknowingly download harmful software. It's crucial for consumers to be aware of these dangers and consider the security implications of engaging with pirated content.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Users accessing pirated books, movies, and TV shows; malware including Remote Access Trojans (RATs)
  • Action Required: Users should avoid accessing pirated content, use security software, and keep their devices updated.
  • Timeline: Ongoing since several years, with new sites identified in 2026

Original Article Summary

Our experts continue to track attacks targeting consumers of pirated content, both books and movies. 2026 saw the discovery of new target sites with tens of millions of visitors, while the miner gained a RAT module.

Impact

Users accessing pirated books, movies, and TV shows; malware including Remote Access Trojans (RATs)

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Ongoing since several years, with new sites identified in 2026

Remediation

Users should avoid accessing pirated content, use security software, and keep their devices updated.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Malware, Trojan.

Read Original Article

Related Coverage

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

The Hacker News

A new cyber campaign has emerged, targeting cryptocurrency firms through deceptive recruitment tactics and custom malware designed for macOS systems. Researchers from Wiz have identified this threat actor, known as JINX-0164, which employs social engineering to lure victims into downloading malicious software. The malware is tailored to exploit continuous integration and continuous deployment (CI/CD) infrastructures, increasing the risk of digital asset theft for affected organizations. As cryptocurrency firms often handle significant amounts of valuable digital assets, these attacks could lead to substantial financial losses and damage to their reputations. Companies in the crypto space need to be vigilant and enhance their security measures to protect against these sophisticated threats.

May 28, 2026

19.6 Billion Files Are Sitting Open on the Internet. No Password Required

Security Affairs

A recent study by Mysterium VPN revealed that an astonishing 19.6 billion files are publicly accessible on the internet due to misconfigured cloud storage buckets. Among these files, there are around 685,000 credential files and nearly 1 million database dumps. This situation exposes sensitive information and undermines the common belief that data stored with companies is secure. The findings raise significant concerns about data privacy and security, emphasizing that many organizations may not be adequately protecting their data. It’s crucial for companies to review their cloud configurations to prevent unauthorized access to sensitive information.

May 28, 2026

Police arrest suspect in Ajax football club hack that exposed 300,000 fan records

Help Net Security

A 35-year-old man from Buren, Netherlands, has been arrested by the Dutch National Police for hacking into AFC Ajax's computer systems. The investigation began after the football club discovered that its systems had been accessed without authorization, leading to the exposure of personal records for approximately 300,000 fans. The suspect is believed to have gained unauthorized access multiple times. This incident raises concerns about the security of fan data in sports organizations and the potential risks associated with such breaches. As data privacy becomes increasingly important, this case underscores the need for sports clubs to enhance their cybersecurity measures to protect sensitive information.

May 28, 2026

Nordic CISOs Handle Rising Cyber Threats Remarkably Well

darkreading

Despite the growing concerns around cybersecurity, a recent survey of Chief Information Security Officers (CISOs) in northern Europe found that most are not experiencing a significant increase in cyberattacks compared to two years ago. This suggests that while the threat of cyber incidents remains, the situation for many organizations has stabilized. The findings indicate that companies have likely adapted their defenses and strategies against potential attacks, even with the rise of artificial intelligence in cyber operations. Understanding this trend is important for businesses as it helps inform their security postures and resource allocations. Overall, the report provides a snapshot of the current state of cybersecurity in northern Europe, demonstrating resilience in the face of evolving threats.

May 28, 2026

FBI warns law firms of in-person data theft by Silent Ransom Group

SCM feed for Latest

The FBI has issued a warning to law firms about a new tactic being used by the Silent Ransom Group (SRG) to steal sensitive data. These attackers are impersonating IT support staff and reaching out to victims through phone calls or phishing emails, aiming to gain access to their systems via remote desktop sessions. This method is particularly concerning for law firms, which often handle confidential information. If successful, these attacks could lead to significant data breaches, putting client information at risk. The FBI emphasizes the need for firms to be vigilant and to verify the identity of anyone requesting remote access to their systems.

May 27, 2026

OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms

CyberScoop

OpenAI has announced plans to enhance cybersecurity measures to protect against election interference in the upcoming 2026 midterms. This initiative builds on efforts from major tech companies in 2024 aimed at tackling the challenges posed by artificial intelligence in election processes. The focus is on preventing the manipulation of information and safeguarding the integrity of elections, especially as AI technology continues to evolve. This is significant as it demonstrates a proactive approach to a growing concern over how technology can influence democratic processes and public opinion. The collaboration with other tech firms suggests a concerted effort to address these threats before they manifest in future elections.

May 27, 2026