Kaspersky research into malicious files disguised under the names of popular streaming platforms and their content revealed that cybercriminals most frequently used Netflix and Disney’s The Mandalorian as a lure.
Between January 2019 and April 8, 2020, more than 5,000 Kaspersky users were exposed to various threats while attempting to gain access to Netflix via unofficial files that used its name. In total, there were more than 22,000 infection attempts detected that used Netflix as a lure. Among original shows on streaming platforms, The Mandalorian was the show most frequently exploited by malicious users, with a total of 1,614 users exposed this way and 5,855 infection attempts registered.
With the growing popularity of streaming services, these platforms, and their original shows, are increasingly exploited by cybercriminals as a way to launch attacks. These range from phishing attacks aimed at collecting account credentials and financial information to using the names of these platforms and their shows as a lure to trick users into downloading various threats, including adware and malware.
With this in mind, Kaspersky researchers examined the cyber threat landscape exploiting the names of five major streaming platforms (Hulu, Disney +, Netflix, Apple TV Plus, Amazon Prime Video) from January 2019 to April 8, 2020. They found that a total of 5,577 users were exposed to threats while attempting to gain access to these platforms through unofficial means. By far, the greatest number of threats used Netflix as a lure. In total, there were 23,936 attempts to infect these users with various threats.
Kaspersky researchers also examined the cyber threats associated with original content on these platforms. They looked at 25 original shows across the five services and found that the five shows used most frequently by cybercriminals as a lure were: 1) The Mandalorian (Disney +) 2) Stranger Things (Netflix) 3) The Witcher (Netflix) 4) Sex Education (Netflix) 5) Orange is the New Black (Netflix).
A total of 4,502 Kaspersky users were exposed to threats via malicious files that contained the name of one of these five shows as lure, with a total of 18,947 infection attempts registered. The greatest number came from files that contained the name The Mandalorian, a popular Disney + original, which totaled 1,614 users and a total of 5,855 infection attempts.
For both platforms and original shows, the threats most frequently encountered by users are also the most dangerous: Trojans. These types of malicious files allow cybercriminals to do everything from deleting and blocking data to interrupting the performance of the computer. Some of the Trojans distributed were Spy Trojans; particularly dangerous malicious files that track the users’ actions on the infected device. With spyware, users are susceptible to having their personal files and photos collected, as well as login and password information for their financial accounts.
To stay safe from various threats when watching streaming platforms or their original content, Kaspersky experts recommend:
• Whenever possible, only access streaming platforms via your own, paid subscription on the official website or app from official marketplaces
• Do not download any unofficial versions or modifications of these platforms’ applications
• Use different, strong passwords for each of your accounts
• Using a reliable security solution like Kaspersky Security Cloud that delivers advanced protection on all your devices