SECURITY
SECURITY
SECURITY
Free copies of Oscar-nominated movies used as bait for malware and phishing
The appeal of obtaining free copies of Oscar-nominated movies is being used to distribute malware and phish user details, security researchers at the cybersecurity firm Kaspersky Lab revealed today.
The researchers discovered more than 20 phishing websites and 925 files that were presented as free movies with many being promoted by accounts on Twitter Inc.
The sites force users to carry out a variety of tasks, such as taking surveys, providing personal details, installing adware or in some cases providing credit card details in order to obtain access to a pirated copy. The catch is that no such copy exists and, in the process, those behind the sites capture user data and access they can then use for nefarious purposes.
The distribution of sites was found to also reflect interest in particular movies. “Joker,” “1917,” “The Irishman” and “Once Upon a Time … in Hollywood” were the movies most regularly targeted, whereas no sites were found to be targeting “Parasite.”
The researchers also found that many of the malicious files appeared in the third or fourth week after the release of the films, although some were distributed before the premiere.
“Cybercriminals love to use the promise of free stuff to tempt people into clicking on links or downloading malicious files,” Erich Kron, security awareness advocate at security awareness training firm KnowBe4 Inc., told SiliconANGLE. “This is another example of using the hype around an internationally recognized event such as the Oscars to lure unsuspecting people into falling for various scams, giving up personal information or downloading malware.”
Emails and social media posts of this sort can be very effective against those with a significant interest in the film industry, he added. “It is important to teach people that any email, phone call, text message or even social media post that elicits a strong emotional response should be looked at skeptically,” he said. “This is especially true when there is the promise of something for nothing.”
Tyler Reguly, manager of security research and development at cybersecurity firm Tripwire Inc., noted that it’s well-known that piracy websites are often plagued with malicious files and malvertising. “Yet people continue to visit them to save $4.99 on a movie rental or to see a film a few weeks before everyone else,” Reguly said. “It is telling about an individual that they’re willing to risk their personal information for a couple of bucks.”
Photo: Pxfuel
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
