Friday, December 4, 2015
People Are Selling Hacked Subscriptions To Netflix, Spotify, HBO.....
When you think of marketplaces on the so-called "Dark Web," that place on the internet that you can only access with special browsers that anonymize your IP address, you probably think of sites that sell drugs, weapons, and other illicit products and services.
But it's also full of cheap subscriptions to some of the most popular legitimate streaming video and music services, like Netflix, Spotify, and HBO.
"We found pretty much everything possible available for sale," Raj Samani, the vice president and CTO at Intel Security, who last month wrote a report on the Dark Web, told Tech Insider in an interview. "Every possible service and every possible flavor you could think of was being made for sale."
Indeed, a recent visit to one of these marketplace on the Dark Web by Tech Insider found that he could easily buy lifetime subscriptions to Spotify and Netflix for a fraction of the price of a monthly subscription.
What's remarkable about this is that buying legitimate subscriptions to these services is both easy and relatively inexpensive, yet a marketplace still exists for these.
A lifetime subscription to Spotify is only $1.95.
Samani said that these accounts are likely based on both stolen credit card data as well as stolen account information.
Here's a lifetime subscription to Netflix for just $0.50:
It's highly competitive for these sellers, and many are somehow able to guarantee that you'll have lifetime access to these services, even if there are issues with that original account you buy. That is, the sellers say they'll give you working account information if the account credentials you buy are shut down.
"Its remarkable," Samani said. This marketplace "actually has its own help desk."
"I dont want to call it a risk-free transaction but they try to make it as risk free as they possibly can," he said.
As Samani outlined in his report last month, having one of your own accounts end up on a Dark Web marketplace could be a huge headache. The account could be closed because of malicious activity, and you may have to endure hours on the phone with technical support.
That's why it's important to keep your own data safe. Use unique, strong passwords for all of your services, and use two-factor authentication whenever possible. Two-factor authentications requires people to have a second form of credentials, like a code from a text message, when they login to an account.