Woburn, MA – January 29, 2020 – Cybercriminals are actively abusing the names of artists and songs featured in Sunday’s Grammy Awards, in order to spread malware. In 2019, Kaspersky protection technologies detected a 39% rise in attacks (attempts to download or run malicious files) under the guise of nominees’ work, compared to 2018. Ariana Grande, Taylor Swift and Post Malone were attackers’ favorites, with these nominees’ names used most often in 2019 as a disguise for malware.
Music’s popularity and widespread availability makes it an attractive vessel for malicious activity. Criminals often use popular artists’ names to spread malware hidden in music tracks or video clips.
Kaspersky researchers analyzed Grammy-nominated artists’ names and song titles for malware. They found 30,982 malicious files that used the names of artists or their tracks in order to spread malware, with 41,096 Kaspersky product users having encountered them.
Always Remember Us This Way
Lana Del Rey
Norman F*cking Rockwell
Someone you loved
LIL NAS X
Old Town Road
Bring my flowers now
Grammy artists and singles analyzed for malware
Analysis of the nominated artists showed that the names of Ariana Grande, Taylor Swift and Post Malone were used most to disguise malicious files, with over half (55%) of detected malicious files named after them.
Unique malicious files using selected Grammy nominees’ names detected by Kaspersky products
The number of attempts to download or run files containing names of these pop stars also grew significantly for almost all artists in the research.
Attacks on Kaspersky product users using files with selected Grammy nominees’ names
The connection between the rise in popularity and malicious activity is evident in the case of newer artists such as Billie Eilish. The teenage singer became hugely popular in 2019, and the number of users who downloaded malicious files with her name has risen almost tenfold compared to 2018 – from 254 to 2,171, while the number of unique distributed malicious files rose from 221 to 1,556. There was also a rise in attacks using the names of more established artists, such as Lady Gaga, whose name use also increased in the past year.
Malicious activity related to Billie Eilish
Kaspersky also analyzed which records and songs nominated for a Grammy received the most attention from cybercriminals. Post Malone’s ‘Sunflower,’ Khalid’s ‘Talk’ and Lil Nas X’s ‘Old Town Road’ led the way for songs with the most malware attacks.
“Cybercriminals understand what is popular and always strive to capitalize on that,” said Anton Ivanov, Kaspersky security analyst. “Music, alongside TV shows, is one of the most popular types of entertainment and, as a result, an attractive means to spread malware, which criminals readily use. However, as we see more and more, users subscribe to streaming platforms, which do not require file download in order to listen to music, we expect that malicious activity related to this type of content will decrease.”
To avoid falling victim to malicious programs pretending to be popular music files, Kaspersky recommends taking the following steps:
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.
 The research included titles of the singles nominated for the best record and the best song of the year as well as the names of the artists, who performed or have written music in at least one of the two general categories: the best record of the year and the best song of the year. In total, 14 artists or music bands and 13 record names were analyzed.