Malware used by advanced threat actor known by same name and a few others (APT29, CozyCar, Grizzly Bear) The group was discovered in 2015 and is still active, targeting Windows platforms. Malicious Windows shortcut file posing as a movie via The Pirate Bay torrent tracker can trigger a chain of mischievous activities on your computer. Attackers inject content from the attacker into high-profile web sites such as Wikipedia, Google and Yandex Search. Another goal is to monitor web pages for Bitcoin and Bitcoin and cryptocurrency wallet addresses.
Source: https://www.bleepingcomputer.com/news/security/fake-movie-file-infects-pc-to-steal-cryptocurrency-poison-google-results/