You definitely don't want to play: Squid Game-themed malware is here

3 years ago 396

The stakes whitethorn not beryllium arsenic precocious arsenic successful the deed Netflix show, but you could inactive suffer your information oregon individuality if you neglect to travel the rules for dodging the latest marque of pop-culture-themed scams.

squid-game-scam.jpg

An advertisement for a crippled purporting to beryllium a integer mentation of Squid Game with a cryptocurrency prize that is, successful fact, a scam.

Image: Kaspersky

South Korean Netflix amusement Squid Game has go a runaway hit, surpassing Bridgerton to go the most watched Netflix show of each time. With 111 cardinal viewers and counting, scammers person started to odor humor successful the water, Kaspersky reports, and Squid Game-themed scams and malware person begun to look online. 

Kaspersky reports that, betwixt September and October 2021, it recovered respective twelve malicious files connected the web with Squid Game mentioned successful their names. The bulk of the scams were elemental Trojan downloaders that installed different malicious programs, but scammers are getting originative successful different ways, too.

SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)

"One of the cybercriminals' schemes worked arsenic follows: the unfortunate was allegedly shown an animated mentation of the archetypal crippled from the series, portion simultaneously, a Trojan was invisibly launched that could bargain information from users' assorted browsers and nonstop it backmost to the attackers' server. A shortcut was besides created successful 1 of the folders, which could beryllium utilized to motorboat the Trojan each clip the strategy was started," Kaspersky said successful its report.

Pop culture-themed scams are becoming progressively common, particularly erstwhile the scam successful question centers astir media that tin beryllium downloaded. Two erstwhile scams reported by Kaspersky progressive akin pieces of media astatine the highest of their hype cycles: Marvel's Black Widow film and Kanye West's 2021 album, Donda

Unsurprisingly, galore of the scams that cybercriminals are utilizing to people Squid Game fans are akin to those erstwhile two, specified arsenic fake streaming websites that harvest data, oregon pirated occurrence downloads packed with malware. 

Additionally, malicious Squid Game-themed apps person appeared successful third-party app stores, and Kaspersky besides reported Trojans being distributed successful "various portals nether the guise of different fashionable applications, games and books."

Online games purporting to beryllium integer versions of Squid Game with a 100 BNB (Binance Coin) prize (approximately $48,000 USD). Signing up means turning implicit idiosyncratic data, with the extremity effect being individuality theft and a strategy apt infected with malware that volition lone cod much idiosyncratic information if not recovered and stopped. 

Fraudulent Squid Game merchandise websites that effort to presumption themselves arsenic an authoritative store person besides appeared. Those sites are a goldmine for cybercriminals: Not lone are victims providing recognition paper oregon banking details, they're besides sharing idiosyncratic identifying accusation similar email address, a carnal code for shipping, the victim's existent sanction and more. 

"The Squid Game becoming a caller deed lure was conscionable a question of time. As with immoderate different trending topic, cybercriminals person a bully hunch astir what is going to enactment and what isn't … It's highly important for users to cheque the authenticity of websites erstwhile looking for a root to watercourse the amusement oregon to bargain immoderate merch," said Kaspersky information adept Anton V. Ivanov.

Kaspersky said it recommends double-checking website URLs earlier opening a leafage oregon clicking connected a link. Look for subtle misspellings oregon substituted characters, beryllium mindful to guarantee HTTPS:// precedes the URL to bespeak a unafraid transportation and cheque to beryllium definite that a nexus you hover implicit matches the URL you would expect. 

SEE: Security incidental effect policy (TechRepublic Premium)

In summation to being mindful of URLs, beryllium definite that immoderate files you're downloading aren't suspicious: Videos volition ne'er extremity with .EXE, .PKG, .DMG oregon .MSI. Those each bespeak the record is an executable that could instal malware. 

Also beryllium definite to person a reliable anti malware solution installed connected your machine oregon mobile device. Better yet, lone ticker shows similar Squid Game connected their authoritative sites and don't bargain merchandise if the website is somewhat dubious successful immoderate way. 

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays

Sign up today

Also spot

Read Entire Article