The Malwalorian: hidden threats behind top TV series and films
The first international big TV event of the 2021 awards season starts today (PH time) with the 78th annual Golden Globes. However, TV shows and films are not only sources of entertainment but also an attractive lure for cybercriminals to spread threats, phishing pages and spam letters. As a result, on the eve of such an important industry event, it has become a source of interest for cinephiles, film buffs, scammers and fraudsters alike.
To get a clearer picture of how cybercriminals try to monetize viewers’ interests, Kaspersky experts have analyzed malicious files behind nominated films as well as movie-related phishing websites designed to steal users’ credentials.
The Best Picture nominees being studied
- Borat Subsequent Moviefilm
- Emily in Paris
- Ozark
- Palm Springs
- Ratched
- The Crown
- The Mandalorian
- The Queen's Gambit
- The Trial of the Chicago 7
- Unorthodox
During the first three weeks of January, Kaspersky researchers observed that 275 users were subjected to infection attempts using files with various threats disguised as best picture nominees. It was also found that “The Mandalorian” was the most popular bait among cybercriminals, accounting for 68% of the infections. Netflix’s hit series “The Queen’s Gambit” was second in this rating with 11% of infected users and “Ozark” completed the top three with 6% of users.
The percentage of users targeted by malware associated with nominated films in January |
By February 21, Kaspersky researchers had discovered that the number of users targeted with malware associated with nominated films and series had decreased by almost three times compared to the previous month. “The Mandalorian'' remained the most targeted feature, while “The Queen’s Gambit” remained in second place. However, there were changes in the percentages of targeted users – 33% and 18% respectively.
This means that for the same period in February the number of infections guised by “The Mandalorian'' decreased by six times. At the same time, while “Ozark'' viewers were safer, cybercriminals’ interest in “Palm Springs” increased and the number of infections increased by three.
The percentage of users targeted by malware associated with nominated films in February |
Kaspersky experts also found a number of phishing websites designed to steal viewers’ credentials. Some of them offer to enter bank card details to confirm that the user is located in the exact region where the web resource is licensed to distribute content. Others just redirect to third party resources. In either scenario, the user is deceived with their data leaked and credentials stolen.
An example of a phishing website related to nominees |
“Films and TV series’ have always been popular baits to spread threats and perform phishing campaigns. However, today we see that cybercriminals have shifted their attention from the film industry. Instead, we discover some interest from threat actors around the most popular shows at that moment, like The Mandalorian. It appears that this great show attracts not only viewers around the world but also cybercriminal interest,” comments Kaspersky security expert Anton V. Ivanov.
To avoid falling victim to a scam, Kaspersky advises users to:
- Check the authenticity of websites before entering personal data and use only official web pages to watch films, series’ and shows. Double-check URL formats and company name spellings.
- Pay attention to the extensions of the files that you are downloading. A video file will never have an .exe or .msi extension.
- Use a reliable security solution Kaspersky Security Cloud that identifies malicious attachments and blocks phishing sites.
- Avoid links promising early viewings of content, and if you have any doubt about the authenticity of content check it with your entertainment provider.
No comments: