Kaspersky: Pirates pose as top streaming services to lure consumers to malware

Sponsor ad - 728w x 90h (at 72 dpi)

A study posted by Kaspersky Lab analyzes how pirates, posing as leading streaming video services, inflict malicious attacks on consumers who believe they are following legitimate requests.  The study’s estimates are based on measurements taken by the Kaspersky Security Network (KSN) system, for five major streaming platforms: Netflix, Hulu, Amazon Prime Video, Disney + and Apple TV Plus

As more streaming services come on the scene, password theft has become a lucretive opportunity for pirates, who resell them.  Kaspersky’s current estimate is that they sell for $3-$11; Akamai’s estimate is lower for individual streaming services but far higher for bundles.

Sponsor ad

Consumer email addresses may be used in phishing emails to entice consumers to register for a pirate service that resembles a legitimate service.

Fake page to register fro a free Disney + account. Source: Kaspersky

Another approach is to ask users to confirm or update their payment information for a streaming platform account, or to ask the user to enter a secondary payment method.

Phishing as an avenue for malware attacks

Percentage distribution of different types of threats disguised under the name of popular streaming platforms. Source: Kaspersky

Phishing can also be used to entice consumers to download malware, thinking that they are downloading legitimate exclusive apps or updates.  Nearly half of these are trojans, which are designed to inflict damage on their own, or to function as downloaders for other damaging software.

For every user whose account was compromised, there was an average of nearly 6 attacks per user.  By far, the greatest number of subscribers who were attacked were Netflix subscribers. The study was conducted from January 2019 until early April 2020.

Read the Kaspersky summary (press release)

Read the detailed report

Why it matters

The Kaspersky study confirms and details methods used by pirates to attack consumers of streaming video apps, including those recognized in 2019 by the United States Federal Trade Commission.

The study measured five major streaming platforms, which have a total of more than 500 million subscribers among them, worldwide.

However, the evaluation did not include newly launched the recently introduced HBO Max or Comcast Peacock services.  They are sure to be leveraged as additional lures, using the methods described by the Kaspersky report.

From our Sponsors