Malware and Grammys: Cybercriminals are actively abusing the names of artists and songs nominated for the Grammy Awards 2020 to spread malware. Kaspersky's protection technologies have detected a 39% increase in Grammy attacks compared to 2018 (attacks that try to "download" or "run" infected files and pretend to be the work of Grammy nominees).
Ariana Grande, Taylor Swift and Post Malone were the attackers' favorites, as they used their names as disguises in most similar malware cases.
Music is universally accepted… It is not only entertainment, but also a way of healing and education, as well as through it a separate channel of communication is created between artist and audience. Its popularity and widespread availability is why, even in the age of streaming services, music is not free of malicious activity: criminals use the names of popular artists to spread malicious software hidden in music tracks or music videos. .
In the light of the biggest music awards of the year, Kaspersky's researchers analyzed this year's Grammy 2020 artist and song nominations by detecting malware that exploits their names. As a result, Kaspersky has detected 1 malwares that use the names of artists or their tracks to spread malware, with 30.982 users of Kaspersky products being exposed.
|Ariana Grande||7 Rings|
|Billie Eilish||Bad Guy|
|Good Iver||Hey, ma|
|Lady Gaga||Always Remember Us This Way|
|Lana Del Rey||Norman F * cking Rockwell|
|Lewis Capaldi||Someone you loved|
|LIL NAS X||Old town road|
|Tanya Tucker||Bring my flowers now|
Artists and Singles candidates for Grammy analyzed for malware
The analysis of the candidate artists showed that the names of Ariana Grande, Taylor Swift and Post Malone were used more to disguise malicious files, with more than half (55%) of the detected malicious files containing their name.
Unique malware that uses selected candidate names for Grammy identified by its products Kaspersky.
The number of attempts to "download" or execute files containing the names of these pop stars has also increased significantly for almost all of the artists surveyed.
Attacks on product users Kaspersky using files with selected candidate names for Grammy
The link between rising popularity and malicious activity is quite obvious in the case of younger artists like Billie Eilish. The teenage singer became extremely popular in 2019, and the number of users who "downloaded" malicious files with her name almost increased tenfold compared to 2018 from 254 to 2.171. However, while being nominated for a prestigious award and the recognition associated with it influence users' interest in specific artists and therefore the development of malicious activity, this is not necessarily the case for more established artists such as Lady Gaga, whose name was used for even more attacks compared to last year.
Malicious activity related to Billie Eilish
Kaspersky also analyzed which recordings and songs were nominated for a Grammy in 2019 and attracted the attention of cybercriminals. The Sunflower of Post Malone, the "Talk" of Khalid and the Old Town Road Lil Nas X's were used for more attacks than any other song.
"Cybercriminals understand what is popular and always try to take advantage of it. Music, along with TV shows, is one of the most popular forms of entertainment and, therefore, an attractive means of dissemination. malware, which criminals easily exploit. However, as we see more and more users subscribing to music streaming platforms, which do not require downloading files for music playback, we are optimistic that the malicious activity associated with this type of content will decrease. commented Anton Ivanov, security analyst at Kapsersky.
To avoid falling prey to malicious programs that pretend to be popular music files, the Kaspersky recommends following these steps:
- If you want to listen to or download songs by famous artists, use reliable services such as Apple Music, Spotify Premium and Amazon Music. Or try finding a free and trusted music site that lets you download songs legally.
- Try to avoid suspicious links, which promise exclusive music content. Check out official music social media accounts or read reputable music blogs like Pitchfork to make sure there is such content.
- Check the file extension you have downloaded. Even if you are going to "download" an audio or video file from a source that you consider reliable and legitimate, the file should have mp3, .avi, .mkv or .mp4 extension among other music and video formats, definitely not .exe or .lnk.
Use a reliable security solution for complete protection.