Streaming services are used as bait to spread Trojans

Kaspersky researchers have discovered that cybercriminals manage to spread Trojans and extract twice as much personal data compared to adware, using streaming services as a pretext. By installing malware instead of a streaming app, users increase their chances of losing their accounts, passwords, and payment data. Kaspersky researchers also discovered a rare deception mechanism through which cybercriminals offer would-be victims the chance to win an annual subscription to a streaming service by scanning a QR-code image, which actually redirects them to a phishing page.

In order to provide a clear picture of the current threat landscape related to streaming services, Kaspersky experts analyzed malware and unwanted program scans containing the names of the most popular streaming platforms. When looking for alternative sources to download a streaming app or episode, users have come into contact with various types of malware, including Trojans, spyware and backdoors, as well as adware. In 2022, 35% of users who encountered threats masquerading as streaming services were attacked via Trojans. This percentage is more than double that of users who were attacked via adware (15%), a type of malware designed to flood the screen with unwanted advertisements. This means that by downloading a program from an unknown site, the user is now much more likely to lose personal data, accounts and money.

Among the most popular streaming platforms, cybercriminals primarily used Netflix as a front, with nearly 80% of users who fell victim to malware trying to access free streaming services looking for the app. By comparison, the number of users who attempted to download Hulu or Disney+ is eight times lower.

Movie lovers now prefer streaming services to going to the cinema, a development that cybercriminals are taking advantage of. In addition to malware or unwanted programs, cybercriminals create mass phishing pages to steal victims' personal information and credit card information. They actively follow trends and, in an effort to gain the user's trust and attention, use images from the latest and most popular TV series, such as HBO's House of the Dragon.

One of the rare scams discovered by Kaspersky purports to offer users the chance to earn an annual subscription by scanning an image with a QR-code. After the scan, victims are redirected to a phishing page where they are asked to enter their personal data, streaming service account credentials, and payment data.

Vasily M. Kolesnikov, security expert at Kaspersky, comments

The age of streaming platforms has offered cybercriminals opportunities to spread new forms of fraud. Streaming services now produce their own movies and series that can only be viewed on their platform, but not all users are willing to pay for a subscription. So, they look for ways to download a new episode of their favorite series for free on third-party sites, which usually comes with risks. Especially in today's time when cybercriminals often use streaming services as a pretext to spread Trojans, extracting personal data, account details and money from credit cards.

To help users avoid falling victim to malware and scams, Kaspersky recommends the following:

• Using a dedicated secure VPN solution could be a safe option in order to secure the connection to watch streaming services and protect personal data.
  
• Additionally, if you want to be able to watch your favorite movies and series from anywhere in the world, a reliable VPN service will come in handy.
  
• If you have any doubts about the authenticity of the content, please contact your entertainment provider.
  
• Check the authenticity of the website before entering personal data and use only official, trusted websites to watch or download movies. 
• Double-check URL formats and spelling of company names.
  
• Pay attention to the file extensions you download. A video file will never have an .exe or .msi extension.
  
• Get complete cyber security and a comprehensive suite of privacy tools. Protect your account data, securely manage your passwords, and browse, search, and access content with an unlimited VPN.