Researchers spot dangerous Squid Game-themed phishing emails


Don’t play around with Squid Game phishing emails.


Netflix

Watch out for emails pushing Squid Game-themed Halloween costumes, online games and even sneak previews of a potential second season. Cybersecurity researchers say they may be carrying dangerous malware.

Earlier this week Kaspersky researchers reported that, starting in September, they found several dozen malicious files online posing as content related to the popular Netflix show. But in reality most of the files contained trojan downloaders bent on installing other malicious programs on people’s devices. Some of the other files included adware, Kaspersky said, as well as offers of Squid Game Halloween costumes that were actually fraudulent pitches designed to steal credit card information.

One of the schemes spotted by Kaspersky offers an animated version of the first game from the series. But while the victim is watching, a trojan designed to steal data from people’s web browsers and send it back to the attackers is launched in the background. The malware also creates a hidden shortcut that could be used to launch the malware each time victims start up their system, Kaspersky said. 

Kaspersky also found Squid Game-themed mobile malware distributed through third-party app stores and disguised as apps, games and books. The bogus offerings claim to contain episodes of the show for download, but instead they contain the same kinds of data-stealing trojans as the other malware.

Additional security companies are also starting to spot the malware. Proofpoint said Thursday that its researchers had pinpointed a specific cybercrime group that it says is using Squid Game-themed phishing emails to distribute the notorious Dridex malware. 

Dridex is an exceptionally effective banking trojan, Proofpoint said. If it infects your computer, that could lead to data theft or the installation of additional malware such as ransomware

Proofpoint says it spotted thousands of the emails earlier this week. In them, the attackers claim to be associated with the show and offer up access to a new season, along with chances to become a part of the show’s cast.

To avoid becoming a victim, Kaspersky’s experts say, you should always check the authenticity of websites before offering up personal information, and only download movies and other files from official sites. Double check your URLs and company name spellings to make sure you’re not heading to a spoofed site.

Avoid links promising exclusive or early access to content. If it seems too good to be true, it probably is. Pay attention to the extensions of files you’re downloading. For example, a video file will never have a .exe or .msi extension. You can also use security software that identifies malicious attachments and blocks phishing sites. 



Source link