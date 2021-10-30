



Don’t mess with squid game phishing emails.

Netflix

Watch out for squid game-themed Halloween costumes, online games, and even emails that push previews of potential second seasons. Cybersecurity researchers say they may have dangerous malware.

Earlier this week, Kaspersky researchers reported that starting in September, they found dozens of malicious files online disguised as content related to popular Netflix shows. But in reality, most files contained Trojan horse downloaders who were enthusiastic about installing other malicious programs on people’s devices. According to Kaspersky, other files included adware and offers for Halloween costumes for squid games that were actually fraudulent marketing designed to steal credit card information.

One of the schemes discovered by Kaspersky provides an animated version of the first game in the series. However, while the victim is watching, a Trojan horse designed to steal data from people’s web browsers and send it back to the attacker is launched in the background. According to Kaspersky, the malware also creates a hidden shortcut that can be used to launch the malware each time the victim boots the system.

Kaspersky also discovered squid game-themed mobile malware disguised as apps, games and books, distributed through third-party app stores. The fake offering claims to contain episodes of the show for download, but instead includes a Trojan horse that steals the same type of data as other malware.

Additional security companies are also beginning to discover malware. Proofpoint said Thursday that the researchers identified a specific cybercriminal group that stated that they were using SquidGame-themed phishing emails to distribute the infamous Dridex malware.

Proofpoint states that the Dridex is a highly effective banking Trojan. Infecting your computer can lead to data theft and installation of additional malware such as ransomware.

Proofpoint says it discovered thousands of emails earlier this week. Among them, the attackers claim to be related to the show and provide access to the new season, along with a chance to be part of the show’s cast.

According to Kaspersky experts, to avoid being a victim, you should always check the authenticity of your website and download only movies and other files from the official website before providing any personal information. Double-check the URL and company name spelling to make sure you aren’t visiting the spoofing site.

Avoid links that promise exclusive or early access to your content. If it seems too good to be true, it’s probably. Pay attention to the extension of the file you download. For example, video files can never have an .exe or .msi extension. You can also use security software that identifies malicious attachments and blocks phishing sites.

