Cyber-criminals use Grammy nominees to target South Africans
Cyber-criminals lure users with popular music and TV shows as ways to spread malware, according to cyber-security firm Kaspersky
Using the name or songs of American artist Billie Eilish, cyber-criminals launched more than 184,000 malware attacks on thousands of South Africans during 2019, the cyber-security company Kaspersky has found.
Kaspersky analysed the names and songs of all the Grammy-nominated artists and detected more than 30,000 malicious files globally. “The names of Ariana Grande, Taylor Swift and Post Malone were used most,” the company said in a statement.
The 18-year-old Eilish secured four awards at the ceremony on Sunday, becoming the youngest solo artist to win album of the year. The security firm said there is a clear link between a rise in popularity and malicious activity.
“The teenage singer became hugely popular in 2019, and the number of users who downloaded malicious files with her name has risen almost 10-fold compared to 2018,” Kaspersky said. Specifically in SA, only 205 people were targeted with malware disguised as an Eilish song in 2018; that number jumped to 15,354 in 2019.
Cyber-criminals are known to exploit trends or popular individuals to target users. “Music, alongside TV shows, is one of the most popular types of entertainment and, as a result, an attractive means to spread malware,” Kaspersky said.
Kaspersky has recommended users make use of digital security services, use reputable sites, avoid suspicious links, and look at the file extension before downloading it. “The file should have an .mp3, .avi, .mkv or .mp4 extension among other music and video formats — definitely not .exe or .lnk.”
Most of the incidents occurred on pirating websites where users download content illegally. The malware might include the desired format, but attackers would place it in the name and not at the end.
Kaspersky used the example: “Billie_Eilish_bad_guy_mp3.exe ”.
“The person tries to download some music without noticing that the file extension at the end is not appropriate and mp3 is not an extension, but simply the name of the file,” Kaspersksy said in response to questions by Business Day.
A successful attack, the company said, could result in unsolicited advertising; crypto-currency mining, which could affect the performance of the device in question; or, even worse, theft of personal data.