Drastic Increase in Credential Stuffing Attacks in the Media Industry
Credentials for music and video music streaming services are in popular demand on cyber-criminal platforms. Recently, there has been an increase in the use of credential stuffing tools, since conducting credential stuffing attacks is simple, low-risk, and it delivers a high return on investment (ROI) if successful.
Credential stuffing and the Media industry
Media organizations are among the biggest targets of credential stuffing attacks. Attackers can be seen targeting all types of media when it comes to these types of attacks.
- According to Akamai, between January 1, 2018, and December 31, 2019, 88 billion credential stuffing attacks were recorded across a number of industries. Of these, 17 billion, or about 20% were specifically targeted at the media sector, which includes streaming media, TV networks, cable networks, broadcasting, and even digital publishing and advertising.
- In Q1 2020, the trend of credential stuffing attacks continued against various publications, advertising platforms, and music services, and even reached a peak of around billions of hits per month.
- Cybercriminals traded video media accounts for about $1 to $5 on the criminal market. As some media platforms utilize the same credentials in other platforms they own, hackers were found selling packaged offers for $10 to $45.
- Akamai also recorded a 630% and 208% increase in the attacks on broadcast television and video websites respectively.
Credential stuffing attacks in the past
Criminals often merge old combination lists of their compromised accounts with newer lists and sell them on the open market based on people’s interest, location, and volume.
- In May 2020, the Rambler-owned blogging platform LiveJournal was targeted by multiple credential stuffing attacks. It is believed that these credentials were obtained by the hackers from an attack launched in 2014.
- In April 2020, threat actors were selling over 500,000 Zoom accounts credentials, likely gathered from older credential stuffing attacks and leaks on the dark web and hacker forums.
From a security point-of-view, most media and digital platforms don't offer strong security features like multi-factor authentication, or often users simply do not take advantage of them even if available, thereby resulting in a higher rate of successful credential compromises.