Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
With the rise of cybercriminals targeting online piracy, this year's Oscar-nom fans need to be especially careful not to download malicious files while attempting to watch popular films for free.
2 Min Read
Source: Polly Thomas via Alamy Stock Photo
Beware the Oscar nominees! In the age of films being available to pirate for free on the Internet, the data shows this: The more popular and critically acclaimed a pirated film is, the more likely it is to have a higher number of infected files.
This year, a research team at ReasonLabs collected data on film piracy from January 2022 to last month, focusing on some of the most well-known films from this past year, all of which are contenders for awards at the upcoming 95th Academy Awards. The researchers found thousands of cases of cyber threats within files pretending to be these highly nominated films. The boobytraps range from spyware to Trojans to malware.
In particular, Everything Everywhere All at Once, Top Gun: Maverick, and Avatar: The Way of Water, all fan and critic favorites, have been among the top films used to fish and lure movie watchers this past year.
Online piracy sites have been experiencing a steady influx of visitors, up 20% more than last year due to the COVID-19 pandemic, according to a study by MUSO, with film piracy experiencing the fastest level of growth. Businesses should take note, given that remote workers often use personal devices to access corporate assets.
ReasonLabs found the most common threats in this year's pirated Oscar contenders to be:
Spyware Personal Documents Stealer: A false, Microsoft-presenting file written in .NET that steals documents and sends them to the attacker's email.
Password Stealer Extension: A malicious installer that downloads external files to the C:\programdata folder, with deceiving names.
The Bat Worm: An executable that drops three files, hidden from the user, and copies the user's files to each drive in the device.
Keylogger: An executable that sends stolen data to its server by tracking a user's keyboard activity.
Search Hijacker Extension: A Trojan file that installs malware instead of movies using a malicious extension and installer.
In turn, users and employers need to protect themselves by utilizing tools available to them. These "include physical and digital products but also include general education," says Dana Yosifovich, security researcher at ReasonLabs. "The continued push for cyber awareness by security companies and AV providers is paramount in order to reduce the vulnerabilities of home users, and the overall success of next-generation attacks."
About the Author(s)
You May Also Like
More Insights
Webinars
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
