Everyone who’s anyone is likely over the moon with the recent release of Star Wars: Rise of Skywalker in theatres across the globe just yesterday on 19 December but the long lines around the box office and sold out tickets have resulted in impatient fans attempting to see the real thing ahead of time via, how shall we say, less than legal means and coming with it a whole load of trouble via a ton of malicious malware.
With the rise of every cinematic phenomenon, there’s an inevitable attempt by pirates to leak these movies ahead of time be it for free or for a fee for download or streamed via a variety of online platforms. Unfortunately, overeager users keen to get a five-finger discount on the conclusion of the Star Wars saga also end up getting a whole lot extra with their ostensible download as all these sources leave a potential user wide open to a variety of cyberattacks.
All these illegal streaming platforms and downloads, not just for Star Wars: Rise of Skywalker but for almost any other content available online be it movies, games or other content can hide potentially malicious malware, all hidden behind the names of these famous movies and other legitimate content.
According to Kaspersky, enterprising cybercriminals are using the latest Star Wars movie, in a rather surprisingly devious Sith-like move that makes Order 66 look like the work of an amateur to stage phishing and act as an avenue for cyberattacks.
Kaspersky researchers discovered over 30 fake websites and social media profiles masquerading as official movie accounts for the film that supposedly are there to share free copies of the movie and do so by asking for credit card data, under the pretense of registering and securing access to these portals. And the number of attacks have increased by 10% from last year.
These fake registration requirements are there to harvest personal data and to spread malicious files. To make the trap more tempting, cybercriminals use ‘black SEO’ to rank these dangerous sites on the first or second page of search engine results when users are looking for the film. To make it look official, these cybercriminals even cook up Twitter and other social media accounts that make it look legitimate.
According to Kaspersky, 83 users (and the number is rising) have been affected by 65 malicious files that are disguised as movie files. “It is typical for fraudsters and cybercriminals to try to capitalise on popular topics, and ‘Star Wars’ is a good example of such a theme this month. As attackers manage to push malicious websites and content up in the search results, fans need to remain cautious at all times. We advise users to not fall for such scams and instead enjoy the end of the saga on the big screen,” said Tatiana Sidorina, security researcher at Kaspersky.
Needless to say, common sense prevails online. To avoid falling victim to these malware and phishing attacks, Kaspersky advises users to:
-Pay attention to the official movie release dates in theaters, on streaming services, TV, DVD, or other sources
-Don’t click on suspicious links, such as those promising an early view of a new film; check movie release dates in the cinema and keep track of them
-Look at the downloaded file extension. Even if you are going to download a video file from a source you consider trusted and legitimate, the file should have an .avi, .mkv or .mp4
extension among other video formats, definitely not .exe
-Check the website’s authenticity. Do not visit websites allowing you to watch a movie until you are sure that they are legitimate and start with ‘https’. Confirm that the website is genuine, by double-checking the format of the URL or the spelling of the company name, reading reviews
about it and checking the domains’ registation data before starting downloads
-Use a reliable security solution, such as Kaspersky Security Cloud, for comprehensive protection from a wide range of threats.
Long story short – just go legit and watch it Star Wars:Rise of Skywalker the cinema since it won’t hit any official streaming services or Bluray for quite a few months to come. For more on Kaspersky and their range of cybersecurity solutions, visit their official page at www.kaspersky.com