Credential stuffing attacks target media streaming services

By Ian Barker
Published 5 years ago

PC film

The entertainment industry and in particular streaming services is among the biggest targets of credential stuffing attacks according to a new report.

The study from digital delivery platform Akamai, unveiled at the NAB Cybersecurity and Content Protection Summit in Las Vegas this week, focuses on credential abuse attacks against online video and music streaming services.

It reveals three of the largest credential stuffing attacks against streaming services in 2018, ranging in size from 133 million to 200 million attempts, took place shortly after reported data breaches, indicating hackers were likely testing stolen credentials before selling them.

Stolen credentials can be used for a host of illicit purposes, not least of which is enabling non-subscribers to view content via pirated streaming accounts. Compromised accounts are also sold, traded or harvested for various types of personal information, and they are often available for purchase in bulk on the Dark Web, according to Akamai researchers.

"Hackers are very attracted to the high profile and value of online streaming services," says Akamai's director of security technology and strategy, Patrick Sullivan. "Educating subscribers on the importance of using unique username and password combinations is one of the most effective measures businesses can take to mitigate credential abuse. The good news is that organizations are taking the threat seriously and investigating security defenses, as evidenced by the discussions at NAB. Akamai offers its research and best practices to help these organizations who are facing significant brand and financial harm."

The report spotlights how Akamai researchers discovered easily accessible online video tutorials that provide step-by-step instructions for executing credential stuffing attacks, including using all-in-one applications to validate stolen or generated credentials. The report lists the United States as the top country of origin for the attacks, followed by Russia and Canada. The US is also the top target, followed by India and Canada.

Credential stuffing attacks target media streaming services

Recent Headlines

Netflix says it will no longer share details of subscriber numbers

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

TEAMGROUP unveils MP44Q M.2 PCIe 4.0 SSD

Cyberwarfare incidents reported by almost half of UK firms

Ransomware, meet DRaaS: The future of disaster mitigation

Get 'Modern DevOps Practices -- Second Edition' (worth $39.99) for FREE

Number of ransomware victims up 20 percent in first quarter of 2024

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

EndeavourOS ARM discontinued: A huge loss for the Linux community

Install the KB5035942 update for Windows 11 to gain all of the Moment 5 features right now