Cybersecurity specialists have discovered a new wave of Trojan campaigns that collect twice as much information about an individual or a firm as standard adware. According to a report by Kaspersky, the Trojan campaign uses popular streaming services to lure victims into revealing information.
Among the streaming platforms, security experts noted that the cybercriminals were most active using Netflix — almost 80% of users facing threats under the guise of streaming services were looking to download this app from untrustworthy resources. In comparison, the number of users who tried downloading malicious or unwanted programs under the guise of Hulu or Disney+ is eight times lower.
The Trojan campaign
In the report, the researchers elaborated on the technique: the threat actors use popular streaming services as bait and offer users free versions of their apps. Since most of these apps are based on paid subscriptions, some people may be interested in using a free version and fall prey to the scam.
The criminals behind the attack used this campaign to collect users’ personal data. In most cases involving mobile applications as the bait, the threat actors release these modded apps in bulk on third-party app download platforms.
However, in this particular campaign, the threat actors allegedly used a QR code to lure victims into downloading the app and offered a free annual subscription as a reward.
In recent years, especially since the Covid-19 pandemic, movies have been released to online streaming services, giving threat actors a new domain in which to target potential victims. Once the victim scans the code to get their free annual subscription to the streaming platform, they are redirected to a phishing page where the hackers behind the campaign ask for payment details. Since the bait states that users will get a free annual subscription to these apps, some individuals share the details and thus get robbed.