According to an online article in my threat news feeds, attackers are taking advantage of the popularity of SquidGame.
If you do not know what SquidGame is, it is a survival drama TV game show.
The threats include malware-laced downloads of episodes, or other download files related to or named after the show.
Also, malicious online stores selling SquidGame related merchandise including Halloween costumes also capture and steal your banking information.
Then there are various phishing emails related to the show.
Some quotes from the article: https://www.darkreading.com/vulnerabilities-threats/ready-to-play-squid-game-becomes-an-attractive-lure-to-spread-cyberthreats
“One of the cybercriminals’ schemes worked as follows: the victim was allegedly shown an animated version of the first game from the series, while simultaneously, a Trojan was invisibly launched that could steal data from users’ various browsers and send it back to the attackers’ server. A shortcut was also created in one of the folders, which could be used to launch the Trojan every time the system was started.”
“Kaspersky has also found mobile malware exploiting SquidGame. Hoping to download an episode of SquidGame, the user downloaded a Trojan. When an application is launched on a device, it asks the control server for tasks to complete. This can be, for example, opening a tab in the browser or sending an SMS to numbers received from the control server. This Trojan is distributed in unofficial app stores and various portals under the guise of other popular applications, games, and books.”
“We also found several pages offering to compete in an online version of the game to win the main prize – 100 BNB (Binance coin). Needless to say, the player never receives the promised reward and ends up losing their data or downloading malware.”
As the holiday shopping season approaches, please realize that there will be a lot of online stores pop up that are not legit. Please only buy from known reputable online stores and vendors.
Avoid downloads of ‘free’ items and entertainment.
Be cautious of phishing emails trying to get you to react or click.