Experts in Game of Thrones Malware Warning

Experts in Game of Thrones Malware Warning

RiskIQ is warning Game of Thrones fans looking to catch up on the popular HBO TV show without paying for more than they bargained for.

The threat management firm claimed it had spotted more than 450 pirated content websites serving up malware to those looking to illegally stream or download the fantasy drama.

It conducted its research over a 10-day period in May in the US, UK, Germany, France and Netherlands, running simple Google searches for download or streaming sites and clicking through the links.

The vendor claimed its virtual user technology would have prevented any infections.

However, the dangers of pirated content aren’t just a consumer risk – if users attempt to illegally download shows at work or use personal devices to access corporate systems, then malware could infect the enterprise IT environment.

RiskIQ VP Emea, Ben Harknett, claimed the firm found a mix of exploit kits, malicious redirects, trojans, spyware and phishing sites, scareware and toolbars.

“Many of these could potentially impact the organization, not just the device user,” he told Infosecurity by email. “We know that Game of Thrones has been the most pirated show over the past four years, so it’s patent that bad actors are cashing in on the trend.”

In addition, of the malicious web pages analyzed, over a third (34%) spread malware via malicious ads.

So-called malvertising is an increasingly popular tactic among cybercriminals to ensure as many users as possible are exposed to their malware.

Just last month, Fox-IT claimed to have found another major campaign, targeting nearly 300 of the most popular websites in the Netherlands, affecting potentially tens of millions.

“End-users often assume that the IT within their organization will provide adequate security measures, regardless of their actions. Or worse, don’t even consider the risks that their actions might create,” Harknett concluded.

“A critical consideration of IT managers is really around ensuring much greater awareness and education on the changing nature of threats today and how each of us can unwittingly compromise our organizations.”

Source: Information Security Magazine