A new report from Iredeto suggested that hundreds of stolen logins for popular streaming services and VOD (Video on Demand) are being sold in places like dark web every month. There are a lot of credentials that are being sold; in fact the company has found more than 42 listings including Netflix, DirecTV, HBO GO and Hulu. During one month alone company spotted more than 854 credentials that were listed by more than 69 separate vendors from 15 different marketplaces in the dark web.
What Is The Average Price Of Logins?
The credentials are being sold at a price of $8.71 on average for each one time use. There are even some dark web sellers that were selling the credentials in a bundle for more services at higher price points. Irdeto is trying to bring the attention of piracy and other illicit activities as it sells the content security and monitoring solutions. Their full white paper; Iredeto Global Consumer Piracy Threat 2018, can be viewed here.
While some services like Netflix are keeping an eye out for the customer’s credentials turning up in large batches and if the company notices the credentials in the wild they are buying them and notifying the users to use secure passwords. Some services are even looking up the emails of the all the breaches to see if any names match and check the hash of the password if it matches with their hash and in the cases, they will re-hash the password immediately.
Netflix has even closed some accounts and resets passwords of some users in 2016 when they found the credentials of their users on sale in online hence the company locked the accounts to prevent them from being hijacked.
How to protect your account?
We suggest users change passwords regularly and also check for unfamiliar activity on your accounts and we also suggest users to stop reusing the passwords for every service they use on the internet. It is better to enable 2FA if the company provides the feature for the users or consider using a password manager if you have trouble keeping track.
Take your time to comment on this article.
Latest posts by Harikrishna Mekala (see all)
- A Serious Security Flaw Found in LibSSH - October 19, 2018
- Flaws in Branch.io Affected Over 685 Million Users - October 17, 2018
- Microsoft Store Has Been Hosting an Ad Clicker Disguised as a Google Photos App - October 16, 2018