Netflix, Hulu and HBO GO subscribers data found up for sale on the dark web
- 854 sets of stolen over-the-top (OTT) credentials were found being sold on the dark web.
- These stolen credentials were from 42 OTT services and were sold by 69 different dark web vendors.
Security experts have recently discovered cybercriminals selling hundreds of stolen login credentials for popular streaming services on the dark web. These stolen login credentials are made available every month on dark web marketplaces for an average amount of just $8.81. These kinds of underground sales puts consumers’ personal information at risk and affects over-the-top (OTT) revenues.
These stolen credentials were from 42 OTT services that include popular streaming services such as Netflix, Hulu, DirectTV and HBO GO, the New Piracy Trends Report by Irdeto revealed.
In the month of April alone, Irdeto discovered that around 854 sets of credentials were sold by 69 dark web vendors in 15 different underground marketplaces. The firm also found that illegal live-streaming piracy has become a crucial problem.
During the first quarter of 2018, an average of 74 million visits was observed on the top ten streaming sites. Most of this traffic came from the US (2.93 million monthly visits), the UK (1.71 million) and Germany (1.52 million).
Irdeto also discovered numerous ads for “fully-loaded” illegal streaming boxes on popular online shopping sites such as eBay and Gumtree.
It is still unclear whether these OTT credentials are being sold on the dark web for monetary purposes or whether the cybercriminals have stolen them to reuse them in other malicious attacks.
Irdeto has recommended consumers to be careful of any unfamiliar activity connected to their accounts and change their passwords immediately.
“Content owners, rights holders, technology and security partners and law enforcement agencies are working hard to combat the threat of piracy. However, consumers must also be vigilant to avoid the risks they may be subject to from illegal content,” Mark Mulready, VP of cybersecurity services at Irdeto, said in a statement.
“Consumers must think about where they access their content from and ensure that any streaming or downloading is done from legitimate sources. They must also remember that if they use the same password for their OTT services as they do for a number of other online accounts, they could also be opening themselves up to a wider array of exploitative threats” added Mulready.