Fake streaming sites using Star Wars as bait to spread malware

If you are a Star Wars fan and use online streaming sites, this one is for you detailing how fake streaming sites are stealing card data.
Beware Star Wars fans; fake streaming sites using card stealing malware

If you are a Star Wars fan and use online streaming sites, this one is for you.

Popular movie franchises like Star Wars have become more of a bait that cybercriminals use to lure unsuspecting users into downloading malware by promising them exclusive footage, content or full movie even before its release. The same has happened this time around when the new Star Wars movie The Rise of Skywalker is releasing. 

See: Top The Pirate Bay Alternatives – Best Torrent Download Sites (2019)

According to Kaspersky Lab researchers, to benefit from the new Star Wars movie, released on December 20, cybercriminals have flooded the internet with infected, fake websites and files offering free steams and early preview of the movie.

Naturally, Star Wars fans are thronging to such sites for downloading the promised content, which obviously isn’t the case. These websites are loaded with malware that can easily infect a targeted device. Therefore, if you come across fake steaming sites or social media profiles promising a free pirated copy of the new movie, don’t access the site or download the file. 

Beware Star Wars fans; fake streaming sites using card stealing malware
This is an example of a fake Twitter profile luring unsuspecting Star Wars fan into downloading malware. (Image credit: Kaspersky)

What’s shocking is that so far, more than 30 fake and infected streaming sites and social media pages have been identified by Kaspersky Lab. The streaming sites and social media profiles, which are advertised as the official pages of the movie. Moreover, around 65 malicious files were also found by the researchers; these files were disguised as the copies of the movie. 

“Coupled with malicious files shared on torrents, this brings the criminals results. So far, 83 users have already been affected by 65 malicious files disguised as copies of the upcoming movie,” read the official press release from Kaspersky Lab.

Using the official name of a movie in the domains of websites with the intention of infecting devices and collecting private data is an attack technique called Black SEO. This technique enables attackers to advertise phishing websites by getting them to rank higher on popular search engines so that these appear whenever the name of the movie is searched. 

See: Pirated Version of Fire and Fury Book Loaded with Malware

The campaign is active at the moment and successfully victimizing users given the hype surrounding the movie and the higher ticket rates, which compel users to download the pirated version through torrents. Kaspersky Lab researchers also identified that phishing websites are disguised as streaming services promising bootlegged copies of the movie.

The websites supposedly contain free copies of the recently released Star Wars movie. However, once the malware is downloaded, it starts collecting private and financial data such as credit card information at the time of registration. This is an old school and relatively simple tactic used by malware operators to infect computers and obtain sensitive data. You need to beware of torrent sites and other streaming platforms including file-sharing websites to prevent your computer from getting infected.

See: How to check for websites hacked to run web skimming, magecart attack

To prevent yourself from falling prey to such social engineering attacks, you need to follow some standard best practices. Don’t access unknown websites or click on suspicious links. Always keep your security software updated with the latest system patches and never download anything from unofficial sources. Lastly, always watch your favorite movie in the theatre only.

Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.

Related Posts