“Wanna see the Game of Thrones in advance” email delivers malware

Beware of Email promising Game of Thrones Spoilers because it Installs Malicious Malware.

Cybercriminals aren’t apparently over with the Game of Thrones (GoT) exploiting obsession yet. The world famous Epic’s latest season has remained the eye candy of hackers this year as we first heard of ‘Mr. Smith group’ stealing 1.5 TB of data from HBO containing fresh GoT scripts; then hackers stole and leaked full episodes of GoT, HBO Spain mistakenly ran episode 6 of the series instead of 5 and last week GoT series seven finale episode’s detailed script was hacked and released on the deep web

If that wasn’t enough, now there is full-fledged email scam that distracts you with GoT spoilers and injects malware into your computer.

According to California based cyber-security firm Proofpoint, which detected the scam on August 10th when the company received malicious emails bearing the subject line “Wanna see the Game of Thrones in advance?” it was enough to alert security experts at the firm about the emergence of a new malware scam related to GoT.

On August 10 Proofpoint detected malicious email messages (Figure 1) purporting to contain unreleased Game of Thrones content. The email used the subject line “Wanna see the Game of Thrones in advance?” These lures are especially relevant since Season 7 of Game of Thrones premiered in July and concludes on Sunday, August 27, and the email claims to contain spoilers for the current season.

It is clear from the subject of the email that hackers want to exploit the natural curiosity of GoT fans by promising to reveal the never-seen-before content of the series.’ Several links in the email apparently will guide the user to the unseen GoT content, but when the user clicks on them, they install malware on the computer.

Email sent by cyber criminals (Image: Proofpoint)

In this particular scam, scammers lured users by promising to show season’s finale episode in advance and demanded money for every episode. Unsurprisingly GoT fans got thrilled. This shows cyber criminals are on a mission of making the most from the much anticipated and most watched season 7 of GoT as the season concluded on August 27.

The malicious email works on clickbait method; instead of showing unseen scenes of GoT episodes, it contains a Microsoft Word attachment, which installs a 9002 remote access Trojan if the user clicks on the attachment. Scammers have tried every possible trick to make the email seem legit; they have gone as far to include preview-like details of the GoT episodes. However, when the file is downloaded the 9002 remote access Trojan or RAT is installed.

Malware file attached with the email (Image: Proofpoint)

According to Russia based cyber security firm Kaspersky Lab, the recent rage of targeting GoT is a new form of cyber-crimes. Hackers are trying their best to break into channels’ security, obtain consequential information and leak it online sometimes to become famous and sometimes to demand ransom.

If you are a GoT fan don’t open any email tricking you to watch unreleased episodes of Game of Thrones in advance. Stay safe online.

Related Posts