What do David Guetta, Calvin Harris, Martin Garrix and Alan Walker have in common? While they indeed are four of the world's most celebrated and prolific DJs, with legions of fans all over the world, it so happens that their names are also being increasingly impersonated on the internet by cyber attackers to spread malware. This is being done to target users who are looking to download music libraries of these DJs, which in turn is exposing them to a wide range of malware that is also getting downloaded with music tracks. The threat, as described by Kaspersky, is so unassuming that it is hardly detectable by a common user, unless keen-eyed observants comb through all hidden files and folders that may have gotten downloaded along with an album.
According to Kaspersky, there are five primary trojans, malware and adware that have been spotted as getting downloaded along with these offline music tracks, and these files can be detected as containing the entirety of part of the following file names:
- HEUR:Trojan.Script.Generic
- UDS:DangerousObject.Multi.Generic
- Trojan.Win32.Agentb.bqyr
- not-a-virus:HEUR:AdWare.AndroidOS.Agent.f
- HEUR:Trojan.Win32.Generic
The intention behind these attacks seem more disruptive rather than target driven, and the identified malware can be used by attackers to deliberately corrupt drives and destroy data, or modify registry values to take down entire systems. As Anton Ivanov, security analyst at Kaspersky, said on the matter, "People have started to spend more time at home, and therefore consume more content. While listening to streaming or online services does not harm electronic music fans, they should be cautious if they want to download their favorite songs to their devices."
With heavy bandwidth strain occurring due to live meetings via video conferencing and other work-related collaboration, many individuals are resorting to downloading offline tracks of their favourite artists in a bid to ease the internet bandwidth load, and attackers are seemingly cashing in on this trend.
To stay safe from such attacks, it is important that a user verifies the file source properly before proceeding to download the music files. Users should also examine track names carefully, and also check for any hidden files and folders, before using them on their devices. The issue likely affects those who still download music files from unofficial, 'free' sources, and as an overall good practice, it is recommendable that users access music through verified services such as Apple Music and Spotify, as far as possible.
Comments
0 comment