In a shocking turn of events, Disney’s latest Snow White movie has received a dismal 1.6/10 IMDb rating, marking it as the biggest failure in the company’s cinematic history. The embarrassment is so profound that the movie is not even available on Disney’s own streaming platform, Disney+.
However, in a devious twist, cybersecurity researchers at Veriti have uncovered a scheme where scammers are capitalizing on the absence of the movie on legitimate platforms by offering pirated versions of Snow White. These nefarious individuals are specifically targeting torrent users, luring them into downloading malware disguised as the coveted film.
The saga began on March 20th when a seemingly genuine blog post surfaced on the website “TeamEsteem,” providing a magnet torrent link for the 2025 Snow White movie. What appeared to be a harmless download turned out to be a malicious trap set by cybercriminals. The torrent file, as identified by Veriti, led users to a package containing three files, including a fraudulent executable file named “xmph_codec.exe.”
Rather than delivering the promised movie, the codec file initiated a series of malevolent actions on the users’ devices. It disabled built-in security measures, installed malware detected by multiple security tools, dropped additional threats into the system, surreptitiously installed the TOR browser used for accessing the Dark Web, and established communication with a hidden server on the Dark Web.
The perpetrators managed to infiltrate the TeamEsteem website, exploiting a vulnerability in the outdated Yoast SEO plugin or utilizing stolen admin credentials to post the malicious content. By leveraging the hype surrounding Snow White, they lured unsuspecting users into downloading the malware-infested torrent.
This incident is not an isolated one, as cybercriminals have previously targeted high-profile movie releases to distribute malware and ransomware. Films like John Wick 3, Contagion, Black Widow, Joker, Ford v Ferrari, and Pirates of the Caribbean have all been used as bait in similar schemes. The lesson here is clear: there are risks associated with piracy, and users must exercise caution when downloading content from unverified sources.
To steer clear of such traps, individuals are advised to abstain from piracy, exercise vigilance when dealing with torrents, ensure their anti-malware software is up to date, and employ basic common sense when navigating the online landscape. By staying informed and cautious, users can safeguard themselves against falling victim to malicious schemes disguised as enticing offers.