Symantec has observed malware and phishing campaigns targeting Netflix users’ information. The details are then added to a growing black market that claims to provide cheaper access to the service.
Hackers Are Stealing Netflix Users Credentials
Symantec research released overnight tracks how cyber criminals have piggybacked on Netflix’s global expansion to steal users’ credentials in order provide the streaming service at black market prices.
Symantec has observed two different attack methods
- The first is a malware campaign aimed at stealing bank information from the affected computer where the malicious files are downloaded by users who were tricked by fake ads or offers of free or cheaper Netflix access.
- The second attempts to steal Netflix login credentials through phishing campaigns that redirect users to a fake Netflix website and tricks them into providing their login credentials, personal information, and payment cards details.
Netflix black market
Both malware and phishing campaigns help attackers gather the credentials needed to break into victims’ Netflix accounts. But the attackers may not just keep this access for themselves. There is an underground economy targeting users who wish to access Netflix for free or a reduced price. The products could even allow customers to open their own illegal store.
The most common offers are for existing Netflix accounts. These accounts either provide a month of viewing or give full access to the premium service. In most advertisements for these services, the seller asks the buyer not to change any information on the accounts, such as the password, as it may render them unusable. This is because a password change would alert the user who had their account stolen of the compromise.
Symantec advises users to only download the Netflix application from official sources. Additionally, users should not take advantage of services that appear to offer Netflix for free or a reduced price, as they may contain malicious files or steal data.
For more information about Netflix malware, please visit Symantec’s blog
Have something to add to this story? Share it in the comments.