Dragons, zombies and superheroes: top TV show disguises used to spread malware
Cybercriminals are actively using new episodes of popular TV shows to distribute malware, research by Kaspersky Lab has found Game of Thrones, The Walking Dead, and Arrow are the shows receiving the most attention from attackers. These and other findings are published in a new report, ‘Game of Threats: How cybercriminals use popular TV shows to spread malware.’ TV shows are one of the most popular and universal types of entertainment, yet with the rise of torrents, online streaming, and other methods of digital distribution, they often suffer from copyright infringement. In many regions, such programs can now be consumed through illegal channels, such as torrent-trackers and illegal streaming platforms. Unlike legitimate resources, torrent trackers and hosted files may send a user a file that looks like an episode of a TV show but is in fact malware with a similar name.
Seeing how easily TV shows downloaded from illegitimate resources can be replaced with malware-carrying versions, Kaspersky Lab researchers took a closer look at such compromised files, covering both 2018 and 2017. Leading the list in both years was Game of Thrones. In 2018, it accounted for 17% of all infected pirated content, with 20,934 attacked users, followed by The Walking Dead, with 18,794, and Arrow, with 12,163.
This is despite the fact that in 2018, there were no new episodes of Game of Thrones released, while the other shows in the ranking were accompanied by high profile promotional campaigns. In every case observed, the malware distributors opted for the first and the last episode of each season, with the launch episode the most actively used, for example, Game of Throne’s ‘The winter is coming’ episode in Season 1.
“We can see clearly that malware distributors exploit TV shows that are in high demand on pirated websites: these are usually actively promoted dramas or action series. The first and final episodes, attracting the most viewers, are likely to be at greatest risk of malicious spoofing. Online fraudsters tend to exploit people’s loyalty and impatience, so may promise brand new material for download that is, in fact, a cyberthreat. Keeping in mind that the final season of Game of Thrones starts this month, we would like to warn users that it is highly likely there will be a spike in the amount of malware disguised as new episodes of this show,” Said Anton V. Ivanov, security researcher at Kaspersky Lab.