Nigeria: Thousands attacked by malware disguised as Billie Eilish
January 30, 2020
Cybercriminals iin Nigeria are actively abusing the names of artists and songs nominated for a Grammy 2020 award, in order to spread malware. Kaspersky protection technologies detected a 39 per cent rise in attacks (attempts to download or run malicious files) under the guise of nominees’ work in 2019, compared to 2018.
In light of the biggest music awards show of the year, to show the extent of the problem, Kaspersky researchers analysed Grammy 2020 nominated artists’ names and song titles for malware and found 30,982 malicious files that used the names of artists or their tracks in order to spread malware, with 41,096 Kaspersky product users having encountered them.
Analysis of the nominated artists showed that the names of Ariana Grande, Taylor Swift and Post Malone were used most to disguise malicious files, with over half (55 per cent) of detected malicious files named after them.
The connection between the rise in popularity and malicious activity is very evident in the case of newer artists such as Billie Eilish. The teenage singer became hugely popular in 2019, and the number of users who downloaded malicious files with her name has risen almost tenfold compared to 2018 – from 254 to 2171, the number of unique distributed malicious files – from 221 to 1,556. For instance, while the number of users attacked by Malware disguised as Billie Eilish songs in Nigeria accounted for only 381 in 2018, 2019 saw this number increase to 9,722. Overall, Nigeria saw 55 of such malicious files distributed in this region in 2019, with 94,630 attacks.
Kaspersky also analysed which records and songs, nominated for a Grammy in 2019, received most attention from cybercriminals. Post Malone’s ‘Sunflower’, Khalid’s ‘Talk’ and Lil Nas X’s ‘Old Town Road’, led the way for songs with the most malware attacks.
“Cybercriminals understand what is popular and always strive to capitalise on that. Music, alongside TV shows, is one of the most popular types of entertainment and, as a result, an attractive means to spread malware, which criminals readily use. However, as we see more and more users subscribe to streaming platforms, which do not require file download in order to listen to music, we expect that malicious activity related to this type of content will decrease,” commented Anton Ivanov, Kaspersky security analyst.