The TV series The Last of Us arrives on HBO on January 15, 2023 and this is being used by virtual ghosts to spread new malware.
The Last of Us is based on a game series that is currently only available on PlayStation. But maybe not many viewers of the series don't know that.
This is what criminals use to spread malware through files that are promised to contain the game The Last of Us Part II for PC. In fact, the game is only scheduled to appear on PC in March 2023, and even then the first part, not the second.
Users who do not know that this version of the game is not yet available for computers will download malicious files instead of the actual game. These malicious files can hide on your computer undetected for years - you wouldn't even notice something malicious as it might not cause any visible harm, it just silently launches its work.
Kaspersky experts also came across a phishing site offering activation codes for "The Last of Us". To download the file with the code, users are asked to choose one of the "gifts" they will receive along with the game: for example, to get the latest PlayStation 5 or Roblox USD 100 Gift Card.
However, after that the user is asked to enter credentials and bank account data to pay a commission fee. In fact, by providing data to cyber criminals, users' money will be stolen without a trace, while their personal data will later be used in other fraudulent schemes.
"The Last of Us is going to be a real boom in early 2023, considering how many years millions of fans have been waiting for the series. Surprisingly, now instead of offering pre-access to the series, cybercriminals have chosen a different path and are distributing files dangerous under the guise of a game," wrote Olga Svistunova, security expert at Kaspersky, in a statement we received.
"This shows that gamers, especially beginners who don't know enough about cybersecurity while playing, are among the main target audience of cybercriminals, and they will find more ways to exploit it. Be alert and check if the game you've been waiting for is available on the platforms offered, download games only from official app stores and don't forget to use trusted security solutions," he added.
Tips to avoid dangerous applications:
Avoid links that promise early screenings of movies or TV series.
Check the authenticity of the website before entering personal data and only use trusted official web pages to watch or download movies. Double check the URL format and the spelling of the company name.
Pay attention to the extension of the file you download. Video files will never have an .exe or .msi extension.
Use a reliable security solution, such as Kaspersky Security Cloud, which identifies malicious attachments and blocks phishing sites.