With all of the excitement surrounding Kanye West’s upcoming album Donda, Kaspersky decided to look into whether cybercriminals used the album’s release to spread files containing various dangers, phishing, and other malicious software under the pretext of Donda.

Kanye West’s Donda attracting more than just music fans

Despite the fact that scammers did not show a lot of interest, analysts were able to uncover many examples of harmful programmes and bogus websites masquerading as the album between July and August 2021.

Experts discovered two adware files in particular that masqueraded as a media file with a new track:

  • Download-File-KanyeWestDONDA320.zip_88481.msi
  • Kanye West _ DONDA (Explicit) (2021) Mp3 320kbps [PMEDIA] __ – Downloader.exe

Scams of many kinds are another example. Users who choose the first choice will be sent a link to download the “album” and will be asked to complete a survey and confirm that they are not a robot.

The survey asks a number of questions, including “how much do you make” and “do you want to be wealthy?” After completing the survey, the user is routed to a fake website where they can make money with bitcoins.

Of course, the record’s link never shows, and those who fall for the prospect of becoming a bitcoin millionaire and submit personal information risk losing their money and not being able to access the album.

The second common scenario is when a user discovers a link to an archive containing an album. This archive, however, will be contaminated with malware. The user’s device will be infected after unpacking it.

Kaspersky has developed a few simple suggestions to help you avoid being a victim of a fraudulent attack by an attacker:

  • It’s safer to access content from official platforms only, like Apple App Store, Google Play, Spotify, Apple Music, etc. Apps and files on these are not 100% failsafe, but at least they get checked by the platform’s representatives and there is some filtration system.
  • It is a good idea to check the link before clicking. Hover over it to preview the URL, and look for misspellings or other irregularities.
  • Sometimes e-mails and websites look just like real ones. It depends on how well the criminals did their homework. But the hyperlinks, most likely, will be incorrect with spelling mistakes, or they can redirect you to a different place.
  • Try not to open unexpected files sent by your friends or relatives. They may be ransomware or even spyware, just like attachments from official-looking e-mails.
  • Install a trusted security solution and follow its recommendations. These secure solutions will solve the majority of problems automatically and alert you if necessary.