
Copyright Notice Misuse For Malware and Phishing

Nick Redfearn









The IP world has long worried about the connection between online copyright violations and cyberattacks. Research by the cyber security researchers at Cisco Talos Intelligence Group shows how this works in practice. They identified a phishing campaign in Taiwan in July 2024 in which fake emails enclosing PDFs were sent to potential IP infringers. The PDFs were takedown notice requests impersonating the copyright owners’ legal team. Various malware and techniques were used so that the file could release malware into the recipient’s computer system.

 

The notices used typical copyright wording to appear real and were purportedly issued by media companies in Hong Kong and Taiwan. The attackers are capitalising on the huge volume of copyright notices sent out around the world asking for the removal of copyright-infringing content. The targets were Facebook Business accounts in Taiwan. Other examples were a well-known industrial vehicle producer and an online Taiwanese shopping platform. The emails stated that the business’s lawyers were issuing a notice to a Facebook page administrator for copyright violation, based on the use of copyrighted images and videos to promote the sale of products. They included standard legal wording used on copyright notices.

 

The file contained a malicious download link designed to enable the threat actor to extract information from the compromised IT systems, including system data, web browser information, cryptocurrency wallets, and browser extensions. It is unclear who the phishing actors are, although indications included the use of traditional Chinese and some connections to Vietnam.
