A report has been released by cybersecurity company Proofpoint, explaining how Game of Thrones fans are being deceived by hackers, who are using the lure of spoilers to mislead people into downloading malware. Essentially, these people are being targeted by the use of phishing.
Such emails were first detected on August 10, with the subject line "Wanna see the Game of Thrones in advance?". As can be observed, these contain some general details (blurred out) regarding the upcoming episode along with the promise of "some video clips of the scenes described above."
According to Proofpoint, this email also contains a Microsoft Word attachment named "game of thrones preview.docx”. Downloading this document, rather than provide users with an actual preview, will instead execute a malicious PowerShell script, which ultimately installs the diskless “9002” remote access Trojan (RAT). According to the company, similar incidents in previous years point towards Chinese state-sponsored actor known as Deputy Dog.
The hackers' attempt to misguide people is especially relevant at this time considering that the Game of Thrones season 7 finale is just around the corner. Furthermore, the recent cyber incident targeting HBO does give credence to the possibility that even more of the show's content may have leaked as well. In any case, readers are advised to immediately delete or ignore any such emails they might receive.
Source: Proofpoint
10 Comments - Add comment