Hackers Are Stealing Netflix Users Credentials

By Frederique Bros
on 21 February 2016

Symantec has observed malware and phishing campaigns targeting Netflix users’ information. The details are then added to a growing black market that claims to provide cheaper access to the service.

Hackers Are Stealing Netflix User’s Credentials

Symantec research released overnight tracks how cybercriminals have piggybacked on Netflix’s global expansion to steal users’ credentials in order to provide the streaming service at black market prices. 

Symantec has observed two different attack methods

  • The first is a malware campaign aimed at stealing bank information from the affected computer where the malicious files are downloaded by users who were tricked by fake ads or offers of free or cheaper Netflix access.
  • The second attempt to steal Netflix login credentials through phishing campaigns that redirect users to a fake Netflix website and trick them into providing their login credentials, personal information, and payment card details.

Netflix black market

Both malware and phishing campaigns help attackers gather the credentials needed to break into victims’ Netflix accounts. But the attackers may not just keep this access for themselves. There is an underground economy targeting users who wish to access Netflix for free or at a reduced price. The products could even allow customers to open their own illegal stores.

The most common offers are for existing Netflix accounts. These accounts either provide a month of viewing or give full access to the premium service. In most advertisements for these services, the seller asks the buyer not to change any information on the accounts, such as the password, as it may render them unusable. This is because a password change would alert the user who had their account stolen of the compromise.


Symantec advises users to only download the Netflix application from official sources. Additionally, users should not take advantage of services that appear to offer Netflix for free or at a reduced price, as they may contain malicious files or steal data.

For more information about Netflix malware, please visit Symantec’s blog.

Related News

More WLT News