Hackers are stealing Netflix passwords and selling them on the black market

Netflix, the beloved streaming service that allows people to stream TV shows, movies, documentaries, and more right to their computers or television sets is a hot commodity on the black market — well Netflix passwords are, at least.

B54O1315

Instead of paying a subscription fee, hackers are conducting malware and phishing campaigns that access Netflix users’ information and then selling the details for cheaper access and service, according to security firm Symantec.

How they’re doing it

Symantec reports that hackers can access Netflix users’ information by either employing malicious files that pose as Netflix software on compromised computers’ desktops or attempting to steal log-in information via phishing since Netflix subscriptions allow up to four users on the same account, allowing for a hacker to piggyback on a user’s subscription without their knowledge.

Symantec reports on one such phishing campaign which took place January 21 targeting Danish users:

“The phishing email tried to trick users into believing that their Netflix account needed to be updated, as there was an issue with their monthly payment. The emails were sent from netflix@fakt[REDACTED].com with the subject “Opdater Betalingsinformation”. The site that the email linked to is no longer active.”

Once the hackers can get access to the user credentials, they can hit up the black market, “an underground economy targeting users who wish to access Netflix for free or a reduced price.”

Most offers on the black market target existing Netflix accounts, which would provide a month of free viewing or grant full access to Netflix’s premium service. One such advertisement for this illegal activity offers account information for as little as 25 cents per account (4 account minimum). The seller will typically ask the buyer not to change any information on the accounts because it could alert the user who had their account stolen.

An underground Netflix advertisement. (Image via Symantec)
An underground Netflix advertisement. (Image via Symantec)

Attackers have also created a “Netflix Generator”, which could create accounts from stolen Netflix subscriptions or payment card details. This would allow buyers to use the software for themselves or re-sell generated accounts on the black market.

To protect yourself from one of these attacks, Symantec suggests only downloading Netflix from official sources and to steer clear of services that appear to offer Netflix for free or a reduced price. The company also recommends using security products to protect against the malware.

Story via Symantec.

Comments are closed, but trackbacks and pingbacks are open.