You definitely don’t want to play: Squid Game-themed malware is here

The stakes may perhaps not be as substantial as in the strike Netflix demonstrate, but you could even now drop your data or identity if you fall short to stick to the policies for dodging the most up-to-date brand name of pop-tradition-themed cons.


An advertisement for a recreation purporting to be a digital edition of Squid Match with a cryptocurrency prize that is, in simple fact, a scam.

Image: Kaspersky

South Korean Netflix demonstrate Squid Match has turn out to be a runaway strike, surpassing Bridgerton to turn out to be the most viewed Netflix demonstrate of all time. With 111 million viewers and counting, scammers have began to smell blood in the drinking water, Kaspersky reports, and Squid Match-themed cons and malware have begun to look online. 

Kaspersky reports that, between September and Oct 2021, it observed numerous dozen malicious files on the world wide web with Squid Match talked about in their names. The the vast majority of the cons had been simple Trojan downloaders that installed other malicious courses, but scammers are obtaining artistic in other methods, too.

SEE: How to manage passwords: Ideal practices and security guidelines (totally free PDF) (TechRepublic)

“One of the cybercriminals’ schemes labored as follows: the target was allegedly proven an animated edition of the initially recreation from the sequence, even though concurrently, a Trojan was invisibly introduced that could steal data from users’ different browsers and send it back again to the attackers’ server. A shortcut was also created in one of the folders, which could be made use of to launch the Trojan each individual time the system was began,” Kaspersky reported in its report.

Pop tradition-themed cons are getting to be significantly prevalent, primarily when the scam in question facilities all over media that can be downloaded. Two past cons noted by Kaspersky included comparable pieces of media at the peak of their hype cycles: Marvel’s Black Widow film and Kanye West’s 2021 album, Donda. 

Unsurprisingly, a lot of of the cons that cybercriminals are making use of to concentrate on Squid Match lovers are comparable to people past two, this kind of as phony streaming web-sites that harvest data, or pirated episode downloads packed with malware. 

Moreover, malicious Squid Match-themed applications have appeared in 3rd-social gathering application suppliers, and Kaspersky also noted Trojans currently being distributed in “different portals underneath the guise of other well-known applications, game titles and guides.”

On-line game titles purporting to be digital variations of Squid Match with a a hundred BNB (Binance Coin) prize (roughly $48,000 USD). Signing up indicates turning in excess of personalized data, with the close final result currently being identity theft and a system probably infected with malware that will only acquire a lot more personalized data if not observed and stopped. 

Fraudulent Squid Match products web-sites that attempt to position themselves as an formal store have also appeared. Those people web pages are a goldmine for cybercriminals: Not only are victims giving credit card or banking particulars, they’re also sharing personalized identifying data like e-mail address, a bodily address for shipping, the victim’s serious identify and a lot more. 

“The Squid Match getting to be a new strike entice was just a question of time. As with any other trending topic, cybercriminals have a good hunch about what is likely to do the job and what is just not … It is really extremely important for people to test the authenticity of web-sites when hunting for a source to stream the demonstrate or to obtain some merch,” reported Kaspersky security pro Anton V. Ivanov.

Kaspersky reported it endorses double-checking website URLs ahead of opening a website page or clicking on a connection. Glimpse for delicate misspellings or substituted characters, be aware to assure HTTPS:// precedes the URL to suggest a secure connection and test to be absolutely sure that a connection you hover in excess of matches the URL you would count on. 

SEE: Security incident reaction plan (TechRepublic Top quality)

In addition to currently being aware of URLs, be absolutely sure that any files you might be downloading aren’t suspicious: Films will never ever close with .EXE, .PKG, .DMG or .MSI. Those people all suggest the file is an executable that could install malware. 

Also be absolutely sure to have a trustworthy anti malware solution installed on your laptop or computer or cellular system. Much better however, only look at displays like Squid Match on their formal web pages and don’t obtain products if the website is a little bit doubtful in any way. 

Also see