And the Cyberattack Goes to ... Fans of Oscar-Nominated FilmsAnd the Cyberattack Goes to ... Fans of Oscar-Nominated Films
With the rise of cybercriminals targeting online piracy, this year's Oscar-nom fans need to be especially careful not to download malicious files while attempting to watch popular films for free.
March 10, 2023
Beware the Oscar nominees! In the age of films being available to pirate for free on the Internet, the data shows this: The more popular and critically acclaimed a pirated film is, the more likely it is to have a higher number of infected files.
This year, a research team at ReasonLabs collected data on film piracy from January 2022 to last month, focusing on some of the most well-known films from this past year, all of which are contenders for awards at the upcoming 95th Academy Awards. The researchers found thousands of cases of cyber threats within files pretending to be these highly nominated films. The boobytraps range from spyware to Trojans to malware.
In particular, Everything Everywhere All at Once, Top Gun: Maverick, and Avatar: The Way of Water, all fan and critic favorites, have been among the top films used to fish and lure movie watchers this past year.
Online piracy sites have been experiencing a steady influx of visitors, up 20% more than last year due to the COVID-19 pandemic, according to a study by MUSO, with film piracy experiencing the fastest level of growth. Businesses should take note, given that remote workers often use personal devices to access corporate assets.
ReasonLabs found the most common threats in this year's pirated Oscar contenders to be:
Spyware Personal Documents Stealer: A false, Microsoft-presenting file written in .NET that steals documents and sends them to the attacker's email.
Password Stealer Extension: A malicious installer that downloads external files to the C:\programdata folder, with deceiving names.
The Bat Worm: An executable that drops three files, hidden from the user, and copies the user's files to each drive in the device.
Keylogger: An executable that sends stolen data to its server by tracking a user's keyboard activity.
Search Hijacker Extension: A Trojan file that installs malware instead of movies using a malicious extension and installer.
In turn, users and employers need to protect themselves by utilizing tools available to them. These "include physical and digital products but also include general education," says Dana Yosifovich, security researcher at ReasonLabs. "The continued push for cyber awareness by security companies and AV providers is paramount in order to reduce the vulnerabilities of home users, and the overall success of next-generation attacks."
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingDec 12, 2023
SecOps & DevSecOps in the CloudDec 14, 2023
What's In Your Cloud?Jan 17, 2024
Everything You Need to Know About DNS AttacksJan 18, 2024
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Quantifying the Gap Between Perceived Security and Comprehensive MITRE ATT&CK Coverage
Selling Breaches: The Transfer of Enterprise Network Access on Criminal Forums
2022 Insurance Industry Cyber Threat Landscape Report