Reader Advisory

Some articles posted in The SlickMaster's Files may contain themes, languages, and content which may neither appropriate nor appealing to certain readers. READER DISCRETION is advised.

Wednesday, February 05, 2020

And the Grammy malware goes to: Kaspersky detects malicious files disguised under award-winning names

02/03/2020 07:20:34 PM

Cyberattacks can take place anytime, anywhere – and most especially, at the advent of worldwide events. And with things that have a universal appeal like music, cyberattackers can disguise it as a bait to spread malware hidden in music tracks or video clips.

In one of the recent news by Kaspersky, the cyber-security firm revealed that cybercriminals are actively exploiting the names of artists and songs nominated for Grammy 2020 awards, to spread malware. Kaspersky, through its protection technologies, has detected a 39% rise in attacks.  These were either downloaded or malicious files that ran under the guise of nominees’ works.  The names of Ariana Grande, Taylor Swift, and Post Malone are often-used in 2019 as a disguise for malware.

As the yearly music awards took place recently, Kaspersky researchers analyzed the malware files named under the nominees of the 2020 Grammy Awards to show the extent of the problem. It resulted in this cybersecurity brand exposing 30,982 malicious files that used the names of artists or their tracks to spread malware, with 41,096 Kaspersky product users having encountered them.

Analysis of the nominated artists showed that the names of Ariana Grande, Taylor Swift, and Post Malone, were used most to disguise malicious files, with over half (55%) of detected malicious files named after them.



The number of attempts to download or run the files containing names of these pop stars also grew significantly for almost all artists in the research. The connection between the rise in popularity and malicious activity is very evident in the case of newer artists such as Billie Eilish. 

Ellish, a teenage singer who also won several Grammy awards this year, became hugely popular in 2019, and the number of users who downloaded malicious files with her name has risen almost tenfold compared to 2018 – from 254 to 2171, the number of unique distributed malicious files – from 221 to 1,556. However, while nomination for a prestigious award and recognition connected to it affects users’ interest in specific artists and, as a result, a growth in malicious activity, this is not necessarily the case for more established artists such as Lady Gaga, whose name use also experienced a rise in attacks in the past year.

Kaspersky also analyzed the 2019 Grammy-nominated records and songs that have received the most attention from cybercriminals, with Post Malone’s ‘Sunflower’, Khalid’s ‘Talk’ and Lil Nas X’s ‘Old Town Road’, being the songs with the most malware attacks.

“Cybercriminals understand what is popular and always strive to capitalize on that. Music, alongside TV shows, is one of the most popular types of entertainment and, as a result, an attractive means to spread malware, which criminals readily use. However, as we see more and more users subscribe to streaming platforms, which do not require file download to listen to music, we expect that malicious activity related to this type of content will decrease,” comments Anton Ivanov, Kaspersky security analyst.

To avoid falling victim to malicious programs pretending to be popular music files, Kaspersky recommends taking the following steps:

  • If you want to listen or download famous artists' songs, use reputable services like Apple Music, Spotify Premium, and Amazon Music. Or try to find a recognized free music site that allows you to download songs legally.
  • Try to avoid suspicious links, promising exclusive music content. Check musicians’ official social media accounts or read reputable music blogs like Pitchfork, to make sure that such content exists.
  • Look at the downloaded file extension. Even if you are going to download an audio or video file from a source you consider trusted and legitimate, the file should have an mp3, .avi, .mkv or .mp4 extension among other music and video formats, definitely not .exe or .lnk.
  • Use a reliable security solution, such as Kaspersky Security Cloud, for comprehensive protection from a wide range of threats. 
Author: slickmaster | © 2020 The SlickMaster's Files

No comments:

Post a Comment

Feel free to make a comment as long as it is within the bounds of the issue, and as long as you do it with decency. Thanks!