The long-awaited release of the new James Bond movie is being exploited by cyber-criminals, according to cybersecurity company Kaspersky.
No Time to Die is actor Daniel Craig’s fifth and final fling with the internationally renowned 007 spy character created by author Ian Fleming. Bond first entered the public consciousness in 1952 with the publication of Fleming’s novel Casino Royale.
The big-screen adaptation of Casino Royale, which came out in 2006, was the first James Bond film to star Craig in the title role. After a delay of nearly 18 months due to the COVID-19 pandemic, Craig’s last turn as the over-sexed Martini-drinking maverick MI6 spy is set to premiere today.
Cyber-criminals are taking advantage of the bigger than usual buzz around this particular Bond title by operating malicious pop-ups, digital adverts, and phishing websites dedicated to the new release.
To lure victims, scammers and criminals have been dressing up malicious movie files so that they appear to be a leaked copy of No Time to Die. In reality, the files contain unwanted software or malware.
“With the premieres of new films and TV series moving online, this has fueled interest not only for cinephiles but also among scammers and fraudsters. Inevitably, such a long-awaited premiere as No Time to Die causes a stir,” said Kaspersky security expert Tatyana Shcherbakova.
“Users should be alert to the pages they visit, not download files from unverified sites, and be careful with whom they share personal information.”
In the lead-up to the film’s premier, Kaspersky researchers found and analyzed malicious files disguised as the new movie and movie-related phishing websites. They found Trojans, malicious programs that can give cyber-criminals backdoor access to a victim’s sensitive data.
Researchers also encountered adware, ransomware, and Trojan-PSW – stealers capable of gathering login credentials.
Also doing the rounds were phishing websites set up to steal victims’ bank details. The sites play only part of the movie before asking the viewer to register and enter their credit card information.
“However, after registration is complete, the user can’t continue watching. Money is debited from their card and the payment data ends up in the fraudster’s hands,” warned researchers.