Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Scam of the Week – Game of Thrones Downloads Hiding Dangerous Malware

Game of Thrones fans eager to watch the newest episodes of the smash-hit series are being urged to be cautious when watching or downloading the show online.

The hugely popular HBO series has become the most pirated TV show in history and cybercriminals are cashing in on its success by distributing malware to unsuspecting torrent users.

According to a recent report from Kaspersky, Game of Thrones topped the list of TV shows used by cybercriminals to deliver malware. In 2017 and 2018, Game of Thrones accounted for 17% of all infected pirated content with 20,934 attacked users. This is despite the fact that there were no new episodes released in 2018.

The researchers also noted that the first and last episodes of every Game of Thrones season were the most dangerous, hiding the largest number of malicious files and affecting the most users. The Game of Thrones Season 1 episode “The Winter is Coming” was the most commonly targeted episode of the show.

Trojan malware was used in almost 33% of infected episode files, and in the majority of cases, the virus was distributed through malicious emails. Adware was found in 28% of files and payload downloader was discovered in 21%.

Image: Ex of Trojan Virus disguised as Game of Thrones Episode (Source – Kaspersky)

Game of Thrones virus

Cybercriminals are opportunistic and quick to take advantage of any major global events or current news stories to launch their scams. We’ve seen this with the World Cup, the introduction of the GDPR and the heartless crooks even used the recent attack in Christchurch as a way of embedding malware into related news stories.

With just a few days to go until the new series of Game of Thrones hits our screens, there’s likely to be a significant spike in the amount of malware disguised as new episodes of the show. Fans should be extremely vigilant and follow the below guidelines to avoid their device being infected with malware:

  • Only use legitimate services to view and download shows.
  • Install the latest anti-virus software solutions on all devices.
  • Ensure that all applications and operating systems are up to date.
  • Never click on links or download attachments from unknown sources.
  • Avoid downloading files with suspicious file extensions. Malicious programs typically end with a “.exe” extension.
  • Always verify the security of a website – Check the site has been secured using HTTPS / Check for a website privacy policy /Use a website safety check tool such as Google safe browsing / Do a WHOIS look up to see who owns the website.
  • Pay close attention to the spelling of an email address, if there are any inconsistencies, delete immediately.
  • Install a Firewall to prevent unauthorised access to your network.
  • Back up data on a regular basis.
  • Use strong passwords to reduce the chance of devices being hacked and always use different passwords for different accounts.

Phishing is the number one cause of all cyber attacks and continues to prove one of the easiest ways to steal valuable data and deliver malware. MetaPhish has been created to provide a powerful defence against these threats and enables organisations to find out just how susceptible their company is to attack. If you would like to find out more about how MetaPhish can be used to protect your business, then contact us for further information.

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

Request Demo

The personal information that you provide to us in this form will only ever be used by MetaCompliance (as the Data Controller) for the following specifically defined purposes:

  • email you content that you have requested from us
  • with your consent, occasionally email you with targeted information regarding our service offerings
  • continually honour any opt-out request you submit in the future
  • comply with any of our legal and/or regulatory obligations