Cybersecurity researchers have issued a warning over a new strategy adopted by cybercriminals that plays on the popularity of Netflix sensation Squid Game.
According to security firm Kaspersky, several dozen malicious files with names containing reference to the show are currently circulating on the web, the majority of which are designed to facilitate secondary malware infections.
These files are being distributed in a number of different ways: via unofficial app stores, malicious websites, email campaigns and more. With Halloween now only a few days away, cybercriminals are also operating fake Squid Game costume stores designed to steal personal data and credit card details. Given the demand for the iconic mask and jumpsuit-based costume, this is expected to be a particularly successful attack vector in the coming days.
Breaking the game
It is a common tactic among cybercriminals to latch onto the latest trend or event in an effort to draw people into making mistakes. In the same way hackers used the launch of the latest James Bond film to spread ransomware and steal personal data, threat actors are now capitalizing on the popularity of Squid Game.
“Squid Game becoming a new hit lure was just a question of time. As with any other trending topic, cybercriminals have a good hunch about what is going to work and what isn’t,” explained Anton V. Ivanov, a security expert at Kaspersky.
“Needless to say, targets end up losing their data, money and having malware installed on their devices. So it’s extremely important for users to check the authenticity of websites when looking for a source to stream the show or buy some merch.”
In addition to checking website URLs and content for abnormalities, users are advised never to enter payment details into a site that does not feature HTTPS protection (signified by a lock icon in the address bar).
For an additional layer of protection, meanwhile, web users should install a reputable antivirus product on all devices and use a secure password generator to create unique passwords for online accounts, which shields against password-stuffing attacks in the event of a compromise.