Leaked Game of Thrones episodes used for phishing by a Chinese hacker group

Online piracy is nothing new and its popularity has only been growing with the years. Despite ceaseless attempts by developers, authors, artists, musicians or any other form of owners of intellectual property, theft and illegal distribution of said property using the world wide web is still seen as major issue. There are many reasons why it is so difficult to stop a determined hacker from obtaining some form of intellectual property and distributing it illegally.

Illegally distributed Game of Thrones episodes

Naturally, the most popular targets for such hackers would be products that would have just as equal mainstream popularity. Throughout the past two months or so, one such product has been HBO’s Game of Thrones. There is no denying that this is currently the biggest and most popular TV series worldwide and it is pretty much mandatory that hackers and web pirates would be targeting it. More likely than not, most episodes from the previous seasons are already out there, available on illegal torrent and file-sharing sites. However, the interesting thing is some of the episodes from the latest season (Season 7) were available online prior to being aired on HBO. Episode four was leaked by employees of a third-party distributor of HBO in India and season 6 got accidentally aired in Spain and Scandinavia a week earlier from its release which led to its uploading on the Internet so users from all over the world were consequently able to watch it. Additionally, a hacker group that goes under the name of Mr.Smith has allegedly leaked the scripts for the next season of Game of Thrones along with other intellectual property of HBO.

Chinese hackers using Game of Thrones episodes as a phishing bait

A security company called Proofpoint discovered that an online-espionage hacker group has recently been trying to use the phishing method in order to install a remote access Trojan on their victims’ computers which would allow the attacker to gain full access to the targeted machine and spy on the user from there.

The said hacker organization has been sending phishing e-mails to users, asking them whether they wanted to see leaked Game of Thrones episodes in advance. In some instances, the users were even told that if they wanted to watch the episodes, they’d have to pay a certain amount of money. However, the main idea was that the user would download the attached LNK file/files and run them on their computer. Once the victim does that, the file would run a Powershell script which would lead to the installation of the so-called 9002 Trojan Horse virus.

The name of the hacker group is APT17 and it has been also known under other names such as Group 27 and Deputy Dog. Some researchers suggest that the hacker organization is actually operating from outside of China, though this isn’t confirmed. The group has had several previous large scale attacks such as the attempts at hacking Google’s infrastructure or attacks on the governments of a number of Asian countries. One of Proofpoint’s researchers has shared that the main target of the Game of Thrones phishing are technology companies.

Malware distribution using web-piracy

Even though as of yesterday, the final episode of the popular TV series has already been aired, many users who might have not seen it could still potentially get lured into downloading unreliable data in hopes that they’d be able to watch anything that they might have missed from the show. Additionally, as we already mentioned, more materials owned by HBO have also been allegedly leaked which might also be used for potential phishing. All in all, online piracy and users who think that they benefit from it could always end up landing some nasty malware virus since the promise of gaining free access to something that you would otherwise need to pay for is the perfect bait that hackers tend to use in order to lure their victims.


Boris is a writer and an editor of the articles on Malware Complaints. His mission is to provide the readers of our website with essential information and details with regards to various malicious programs, software viruses, potentially unwanted applications and any other form of malware that you, the users, might encounter. In addition, he also posts reviews of different programs and applications as well as news articles on various interesting and important topics related to the software world.

Leave a Reply

Your email address will not be published. Required fields are marked *