2019 Press Releases

December 19, 2019

Phishing and Malware Attacks Surface Amid Premiere of Famous Space-Saga

Films are one of the forms of entertainment where users want free access to, which builds up cyberattacks.

Online streaming, torrents and other methods of digital distributions often breaks content copyright, and yet still be the main source for people’s choice of free content. Torrent-trackers and illegal streaming platforms pose a threat to users’ cyber-safety as they can host malicious files, masked behind the name of movie recordings and files. Given this tendency, Kaspersky studied how the world-famous sci-fi franchise’s name is being abused by cybercriminals in order to fool fans of the Rebel Alliance.

‘Star Wars: The Rise of Skywalker’ which set to premiere on 19 December, is already attracting cybercriminals. Kaspersky researchers states that they have found over 30 fraudulent websites and social media profiles (which rumoured to be more) disguising as official movie accounts that pretends to distribute recent film in the franchise. These websites collect unwary users’ credit card data, under the pretense of necessary registration on the portal.

The domains of websites used for gathering personal data and spreading malicious files usually copy the exact details of the films to fool people into thinking that it has connection to the official film. This method is called ‘black SEO’, where criminals can promote phishing websites high up in search engine results (such results often show up for search terms such as ‘name-of-the-film watch free’).

Cybercriminals also set up Twitter and other social media accounts, to support the promotion of fraudulent websites, where they can share links to the content. Along with malicious files shared on torrents, which brings the criminals results. So far, 83 users have already been affected by 65 malicious files disguised as copies of the upcoming movie.

Phishing is not the only method that cybercriminals use on popular film franchises. Popular TV shows are also often disguise malicious programs yet another episode of the story. In 2019, Kaspersky detected 285,103 attempts to damage 37,772 users seeking to watch movies of the renowned space-opera series, signifying a 10% rise compared to last year. The number of unique files used to target the users amounted to 11,499 - a 30% drop on last year. The data shows that even years after the film’s premiere, a significant number of users will still seek to download malicious files in the hope of watching the famous space adventures for free.
‘Star Wars’-themed malware attacks





Attacks detected




Number of unique files




Users targeted




“It is typical for fraudsters and cybercriminals to try to capitalize on popular topics, and ‘Star Wars’ is a good example of such a theme this month. As attackers manage to push malicious websites and content up in the search results, fans need to remain cautious at all times. We advise users to not fall for such scams and instead enjoy the end of the saga on the big screen’ said Tatiana Sidorina, security researcher at Kaspersky.

Kaspersky recommends taking the following steps to avoid falling victim to malicious programs pretending to be popular films or TV shows:

  • Pay attention to the official movie release dates in theaters, on streaming services, TV, DVD, or other sources.

  • Don’t click on suspicious links, such as those promising an early view of a new film; check movie release dates in the cinema and keep track of them.

  • Look at the downloaded file extension. Even if you are going to download a video file from a source you consider trusted and legitimate, the file should have an .avi, .mkv or .mp4 extension among other video formats, definitely not .exe.

  • Check the website’s authenticity. Do not visit websites allowing you to watch a movie until you are sure that they are legitimate and start with ‘https’. Confirm that the website is genuine, by double-checking the format of the URL or the spelling of the company name, reading reviews about it and checking the domains’ registation data before starting downloads.

  • Use a reliable security solution, such as Kaspersky Security Cloud, for comprehensive protection from a wide range of threats.