This quote from Squid Game mirrors what fraudsters and hackers are basing their phishing campaigns on

What has trendjacking and the popular Netflix serial Squid Game have in common?

Squid Game has not only won over millions of fans; it has attracted cybercriminals, too. And it’s both coincidental and ironical that an interesting quote from the ancient Chinese poet Du Fu in one episode provides the connection: “Good rain knows the best time to fall.”

Another translation from the Chinese is: “Good rain knows its season”, and that fits trendjacking to a T. Recently, bad actors (pun intended!) have been riding the Squid Game popularity trend and created various phishing sites to lure fans into downloading materials linked to the South Korean Netflix series, only to have malware and adware creeping into their devices as extra bonuses!

One of the cybercriminals’ schemes worked as follows: the victim was allegedly shown an animated version of the first game from the series. Upon downloading the animation, the victim also had a trojan malware invisibly launched that could steal data from various browsers and send it back to the attackers’ server. A shortcut was also created to link to one folder containing the trojan code which would launch every time the system was started.

Mobile malware is another avenue of riding on the Squid Game fever. Cybersecurity firm Kaspersky has noted that shady websites feature free downloads of Squid Game episodes can trick users into downloading more than just video content. When this extra payload is activated on a mobile device, it calls back to a control server for tasks to complete. This can be, for example, opening a tab in a mobile browser or sending an SMS to numbers received from the control server. Such trojan malware can also be distributed in unofficial app stores and various portals offering popular applications, games, and books.

Another tactic is launching email campaigns with hooks such ‘leaked’ new episodes before they are official screened, or even offers to audition to be part of the cast of future episodes. Downloading the Excel documents may result in the activation of macros that download the Dridex banking trojan.

The Halloween trick is on you!

With Halloween around the corner, fans around the world will be planning to masquerade as one of the characters in the game. Cybercriminals are certainly eager to help! Many Squid Game-related fake e-stores are starting to appear, offering costumes just like what the players wore in the series.

However, when shopping on such sites, users risk not receiving the merchandise and losing their money. Moreover, victims end up sharing their banking and personal identity information!

Besides ‘classic’ phishing website offering to stream Squid Game episodes, some have also been using gamification to bait victims. Complete some online version of the game to win a Binance coin or something. Needless to say, players never receive the promised reward and end up losing their data or downloading malware.

According to Anton V. Ivanov, a Kaspersky security expert: “As with any other trending topic, cybercriminals have a good hunch about what is going to work and what isn’t. As the Squid Game’ is hyping, we observe many phishing pages (linked to the series). Needless to say, targets end up losing their data, money, and having malware installed on their device.”  

To avoid falling victim to malicious programs and scams, Ivanov advises users to: 

  • Check the authenticity of websites before entering personal data, and only use official web portals to watch or download movies. Double-check URL formats and company-name spellings. 
  • Pay attention to the extensions of files you are downloading: a video file will never have an .exe or .msi extension.  
  • Use a reliable security solution that identifies malicious attachments and blocks phishing sites.  
  • Avoid links promising early viewings of content, and if you have any doubts about the authenticity of content, do not proceed to stream or download content from the website. 

Even on the official Google Play Store, a malicious app named Squid Game Wallpaper by XEXO studios has recently been found to harbor the Joker malware. So has an unofficial Squid Game app there that had already downloaded thousands of times before discovery of malware. A malware researcher from ESET had tweeted: “Seems like a great opportunity to make money on in-app ads from one of the most popular TV show (sic) without official game (sic).”

Perhaps the best safety tip to bear in mind is to steer clear of any apps and executable content even remotely linked to trending movies, games or popular cultural icons. Violent content such as those in Squid Game have already inspired some schools to issue warnings to parents and students to steer clear.