Phishers hunt fans of the latest Star Wars movie

According to Kaspersky, 83 users have already been hit by 65 malicious files, disguised as copies of Star Wars: The Rise of Skywalker.

Video: 3 leadership lessons from Star Wars
TechRepublic has overtaken Trey Grayson, the former Secretary of State of Kentucky and current CEO of the Northern KY Chamber of Commerce, about what business leaders can learn from Star Wars.

May the Force be with you when Star Wars: The Rise or Skywalker goes to theaters.

Researchers from cyber security company Kaspersky have found 65 malicious files disguised as copies of the latest and latest film in the trilogy. They have also found more than 30
sites and social media profiles disguised as official film accounts that supposedly distribute free copies of the film, Kaspersky said.

SEE: Star Wars: The Rise of Skywalker review – Everything you could ask for except the heart (CNET)

In addition to distributing malicious files, the sites often collect credit card information, under the guise of necessary registration on the portal, according to Kaspersky.

Hype about the film franchise has been feeding this problem for much of the year, the company said. In general, Kaspersky researchers discovered 285,103 attempts to infect 37,772 users trying to watch Star Wars movies in 2019; an increase of 10% compared to 2018.

Films have become a fertile ground for cyber attacks because they are one of the most important forms of entertainment that users try to reach for free, Kaspersky said. Online streaming, torrents and other digital distribution methods often infringe copyright on content, and yet they remain a popular source of free content.
Torrent trackers and illegal streaming platforms pose a threat to users’ cyber security because they can host malicious files, masked by the name of movie files to fool fans, according to Kaspersky.

How the process fools fans

The process works by copying the official name of a movie and providing thorough descriptions and supporting content. Next, a cyber attacker creates domains of websites that are used to collect personal data, distribute malicious files, and make users believe that the website is somehow connected to the official movie.

This practice, known as ‘black SEO’, enables criminals to promote phishing websites high in the search results. These results often appear for search terms such as “watch the movie’s name for free,” Kaspersky said.

To further support the promotion of fraudulent websites, cyber criminals also set up Twitter and other social media accounts, where they distribute links to the content. Combined with malicious files that are shared on torrents, this results in the results of the criminals, the company said.

So far, 83 users have been hit by 65 malicious files, disguised as copies of the upcoming movie, Kaspersky said.

“It’s typical for fraudsters and cyber criminals to try to take advantage of popular topics, and” Star Wars “is a good example of such a theme this month,” said Tatiana Sidorina, security researcher at Kaspersky, in a statement. “Because attackers succeed in pushing up malicious websites and content in search results, fans must remain cautious at all times. We advise users not to fall for such scams and instead enjoy the end of the big screen saga “

Tips to prevent you from becoming a victim

Kaspersky recommends the following steps to prevent you from becoming a victim of malicious programs that occur as popular movies or TV shows:

  • Pay attention to the official release dates of films in theaters, on streaming services, TV, DVD or other sources
  • Do not click on suspicious links, such as those that promise an early view of a new movie.
  • View the downloaded file extension. Even if you are going to download a video file from a source that you consider reliable and legitimate, the file must have the extension .avi, .mkv or .mp4, along with other video formats, certainly not .exe.
  • Check the authenticity of the website. Do not visit websites where you can watch a movie until you are sure that they are legitimate and start with ‘https’. Confirm that the website is genuine by checking the format of the URL or the spelling of the company name, reading reviews about it, and checking the domain registration information before you start downloads.
  • Use a reliable security solution for comprehensive protection against a wide range of threats.

Cyber ​​Security Insider Newsletter

Strengthen the IT security of your organization by staying up to date with the latest news, solutions and best practices for cyber security.
Delivered on Tuesday and Thursday

Register today

Also see

Image: Walt Disney Studios

Chileans vote for new constitution, leaving behind relic of Pinochet’s brutal legacy

SANTIAGO, Chile — On the wooden benches of Santiago’s Estadio Nacional, university professor Luís Cifuentes spent long, empty days in the spring of 1973 trying to ignore the agonizing screams emanating from the bowels of the stadium.Around 40,000 left-wing political prisoners passed through the stadium during Gen. Augusto Pinochet’s brutal dictatorship (from 1973 to 1990),…

Freshly signed law aims to limit the damage from area weather

Space weather like solar flares could seriously disrupt electronics and satellites, and the US government might soon mount a better defense. President Trump has signed the PROSWIFT Act (Promoting Research and Observations of Space Weather to Improve the Forecasting of Tomorrow), a bill that will help to predict space weather and limit the damage when…

CIO interview: Joe Soule, CTO, Capital One Europe

Never go back, or so they say – but one IT chief’s return to his former employer brought new opportunities and tech transformation By Mark Samuels Published: 21 Oct 2020 11:30 It is a popular adage in employment to say that you should never go back, but Joe Soule, chief technology officer (CTO) at finance…

Leave a Reply