National Cyber-criminals use Grammy nominees to target South Africans Cyber-criminals lure users with popular music and TV shows as ways to spread malware, according to cyber-security firm Kaspersky 30 January 2020 – 18:10 Pieter van der Merwe Billie Eilish poses backstage with her awards at the 62nd annual Grammy Awards on January 26 2020 in Los Angeles, the US.Picture: REUTERS/MONICA ALMEIDA Using the name or songs of American artist Billie Eilish, cyber-criminals launched more than 184,000 malware attacks on thousands of South Africans during 2019, the cyber-security company Kaspersky has found.
Kaspersky analysed the names and songs of all the Grammy-nominated artists and detected more than 30,000 malicious files globally.“The names of Ariana Grande, Taylor Swift and Post Malone were used most,” the company said in a statement.
The 18-year-old Eilish secured four awards at the ceremony on Sunday, becoming the youngest solo artist to win album of the year.The security firm said there is a clear link between a rise in popularity and malicious activity.
“The teenage singer became hugely popular in 2019, and the number of users who downloaded malicious files with her name has risen almost 10-fold compared to 2018,” Kaspersky said.
Specifically in SA, only 205 people were targeted with malware disguised as an Eilish song in 2018; that number jumped to 15,354 in 2019.
Cyber-criminals are known to exploit trends or popular individuals to target users.“Music, alongside TV shows, is one of the most popular types of entertainment and, as a result, an attractive means to spread malware,” Kaspersky said.
Get our news and views in your inbox Kaspersky has recommended users make use of digital security services, use reputable sites, avoid suspicious links, and look at the file extension before downloading it.“The file should have an .mp3, .avi, .mkv or .mp4 extension among other music and video formats — definitely not .exe or .lnk.”
Most of the incidents occurred on pirating websites where users download content illegally.The malware might include the desired format, but attackers would place it in the name and not at the end.
Kaspersky used the example: “Billie_Eilish_bad_guy_mp3.exe ”.
“The person tries to download some music without noticing that the file extension at the end is not appropriate and mp3 is not an extension, but simply the name of the file,” Kaspersksy said in response to questions by Business Day.
A successful attack, the company said, could result in unsolicited advertising; crypto-currency mining, which could affect the performance of the device in question; or, even worse, theft of personal data.
[email protected]
Russian hacking group the Silence targets Africa’s banks Virus targets ATMs that are infected to dispense cash, says IT security company Kaspersky Companies 2 weeks ago Joburg hack revealed ignorance is weakest spot in all digital systems The attack on Joburg by the Shadow Kill Hackers group lifted the lid on other vulnerabilities that potentially affect millions of people News & Fox 2 months ago Logon details of Disney+ customers sold online Service provider denies its system has been hacked and says data breaches may have happened at other firms Companies 2 months ago .
