Malware hides behind names and works of Grammy 2020 nominees — Kaspersky

-A +A

KUALA LUMPUR (Jan 31): Cybersecurity company Kaspersky said cybercriminals are actively abusing the names of artistes and songs that were nominated for an award at the Grammy 2020 to spread malware.

In a statement today, Kaspersky said it has detected a 39% rise in attacks, which it defined as attempts to download or run malicious files, under the guise of the nominees' work last year, compared with 2018.

Ariana Grande, Taylor Swift and Post Malone were attackers' favourites, it said, with over half (55%) of detected malicious files named after them.

“In light of the biggest music awards of the year, to show the extent of the problem, Kaspersky researchers analyzed Grammy 2020 nominated artistes’ names and song titles for malware. As a result, Kaspersky found 30,982 malicious files that used the names of artistes or their tracks in order to spread malware, with 41,096 Kaspersky product users having encountered them,” Kaspersky said.

The connection between the rise in popularity and malicious activity is evident in the case of newer artistes such as Billie Eilish, the teenage singer who shot to fame in 2019.

According to Kaspersky, the number of users who downloaded malicious files with her name rose almost 10-fold compared to 2018 — from 254 to 2,171 — while the number of unique distributed malicious files grew from 221 to 1,556.

“Cybercriminals understand what is popular and always strive to capitalize on that. Music, alongside TV shows, is one of the most popular types of entertainment and, as a result, an attractive means to spread malware, which criminals readily use,” said Anton Ivanov, Kaspersky security analyst.

The good news, however, is that there are more users subscribing to streaming platforms, which do not require file downloads in order to listen to music. Therefore, malicious activities related to this type of content is expected to decrease, said Ivanov.

Nevertheless, to avoid falling victim to malicious programs pretending to be popular music files, Kaspersky recommends listening or downloading famous artists’ songs using reputable services like Apple Music, Spotify Premium and Amazon Music.

“Look at the downloaded file extension. Even if you are going to download an audio or video file from a source you consider trusted and legitimate, the file should have an mp3, .avi, .mkv or .mp4 extension among other music and video formats, definitely not .exe or .lnk,” it added.