Squid Game, the rave of the moment for movie lovers globally has a dark side to it as it is being used by unscrupulous elements to spread malware and steal user info by criminals. The South Korean survival drama TV series which has become a global sensation and currently Netflix’s biggest show, with more than 111-million viewers has become the target of phishing as cybercriminals were not shy in taking advantage of fans’ eagerness to watch the show, with well-known fraud schemes hitting the web themed after the series.
Experts from cybersecurity group Kaspersky share their insights on the most common and sophisticated Squid Game-related threats found in the wild, including Trojans, adware, and phishy offers of Halloween costumes.
From September to October 2021, Kaspersky found several dozen different malicious files on the web, the names of which mention in some way the phrase “Squid Game” In most cases analysed, Kaspersky discovered Trojan-downloaders able to install other malicious programs, but there were also other Trojans and adware.
One of the cybercriminals’ schemes worked as follows: the victim was allegedly shown an animated version of the first game from the series, simultaneously, a Trojan was invisibly launched that could steal data from users’ various browsers and send it back to the attackers’ server.
A shortcut was also created in one of the folders, which could be used to launch the Trojan every time the system was started.
Kaspersky has also found mobile malware exploiting Squid Game. Hoping to download an episode of Squid Game, the user downloaded a Trojan. When an application is launched on a device, it asks the control server for tasks to complete.
This can be, for example, opening a tab in the browser or sending an SMS to numbers received from the control server. This Trojan is distributed in unofficial app stores and various portals under the guise of other popular applications, games, and books.
As Halloween is coming up, many people are looking to their favourite and the most popular current shows to choose costumes from. And cybercriminals are thinking the same thing, says Kaspersky.
The security firm observed that many Squid Game-related fake stores are starting to appear. Most of them offer an opportunity to buy the costumes just like players wore in the series – such stores falsely position themselves as official.
However, when shopping on such sites, users risk not receiving the merchandise and losing their money. Moreover, targets end up sharing with cybercriminals their banking and personal identity information since they are asked to provide card details and personal data, including an email address, residence address, and full name.
Besides ‘classic’ phishing pages offering to stream Squid Game, Kaspersky also found several pages offering to compete in an online version of the game to win the main prize – 100 BNB (Binance coin). Needless to say, the player never receives the promised reward and ends up losing their data or downloading malware.
“As the ‘Squid Game’ is hyping, we observe many phishing pages offering to buy the recognisable suits from the show; other ones invite users to play the games from the show online. Needless to say, targets end up losing their data, money and having malware installed on their device. It’s extremely important for users to check the authenticity of websites when looking for a source to stream the show or to buy some merch,” comments Anton Ivanov, a security expert at Kaspersky.