A recent report by Netherlands-based cybersecurity firm Irdeto reveals that the login credentials of multiple online streaming services can be found on the dark web for just under $9.
The digital platforms whose logins are up for sale in the hidden marketplaces include Netflix, Hulu, HBO and DirecTV, among others.
The Study by Irdeto
The 2018 Global Consumer Piracy Threat Report reveals that the stolen credentials were being offered in over 15 darknet markets by more than 69 vendors.
On top of that, they spotted a total of 854 listings of more than 42 different OTT (over-the-top) media services.
According to the report, buyers pay darknet vendors an average of $8.81 for login details, with some vendors charging more and others less.
To check if the credentials worked, the researchers reviewed the ratings left by the buyers.
An interested buyer would purchase the login information, which included a username and password, after which they could easily log in to the streaming service and watch digital content without the knowledge of the account owner.
The ratings did not disappoint: some of those who made purchases left positive reviews for the vendors, stating that the usernames and passwords indeed worked.
With that in mind, Irdeto further made it categorically clear that they never made any purchases of the login details as they were more focused on the study.
The Associated Risks
In the long term, the effect of individuals getting access to the media services is that the streaming companies will suffer a loss of revenue because someone somewhere will be receiving the services they offer at little or no cost.
The other factor is that legitimate account owners have had their accounts compromised and used on a regular basis, for a minimal fee and without their knowledge.
Those who use the same password for their email account put themselves at higher risk, because criminals can try the password on the real email account to see if it grants access.
If and when that happens, the legitimate owner ends up locked out of their email account, exposing them to more threats.
Streaming Services on the Losing End
According to an analysis in the first quarter of 2018, Irdeto’s web analytics partner discovered that, for illegal live streaming, global visits averaged 74 million per month, translating to an average of 21 million unique monthly visits accessing the top 10 OTT sites.
Out of the unique monthly visits, 2.93 million came from the U.S., 1.7 million from the U.K., 1.52 million from Germany and 0.7 million from Canada.
The figure is expected to show an upward trajectory because this form of criminal activity is on the rise.
Apart from the availability of paid streaming credentials on the dark web, the Piracy Threat Report also looked at the market of illicit streaming devices (ISDs).
The findings made it apparent that the use of e-commerce platforms to advertise ISDs is rampant, especially around sporting events, which tend to attract a considerable number of visitors.
For instance, in 2018 alone, over 7,000 ISD ads in 60 domains were taken down as a result of an operation by Irdeto.
Also, in one particular case, the company was able to identify adverts on some popular e-commerce sites that offered options to stream the widely televised Anthony Joshua vs. Joseph Parker boxing match.
It is, however, not the first time this has happened.
In 2016, research done by Symantec showed that darknet users could obtain Netflix login details for a fair amount.
Earlier, in 2015, a report by McAfee Labs found that darknet platforms offered cheap prices (as little as $0.50) for lifetime access to stolen Netflix accounts.
How the Login Information Is Obtained
By creating phishing sites, attackers could easily trick subscribers of OTT sites into believing they were on the correct page, after which the subscribers would enter their usernames and passwords, only for them to be stolen by the hacker.
The other method used is setting up ads promising cheaper access to Netflix.
This would hoodwink the individual into downloading the app; upon launch, the program would create a decoy of the actual Netflix website, tricking the customer into entering their login details.
These, among other tactics, are widespread among attackers who are targeting various online companies.
Some of the Solutions
In a press release, Irdeto Vice President Mark Mulready acknowledged that the competition between established paid TV operators and piracy thieves is high.
He further said that the stakeholders, including content owners, law enforcement bodies, copyright holders and others, are working together in different capacities to fight the criminals.
Those who subscribe to OTT services are advised to change their password regularly, especially if they see any suspicious activity in their account.
For example, when using Netflix, there might be additional user profiles, or even movies appearing that you have never watched before.
Such suspicious activities among users of the streaming services need to be taken seriously because they are the key indicators of hijacked accounts.
Netflix also monitors for the large-scale availability of customer credentials, and if it comes across any, it notifies the affected users to change their account logins in order to stay secure.
In 2016, Netflix was forced to suspend accounts of users whose details were available on the dark web in a bid to prevent them from being hijacked.