Akamai Finds Widespread SVOD Credential Attacks From Hacking
Content delivery network Akamai is calling attention to a form of identity theft called "credential stuffing," which impacted millions of subscription video, music, and gaming accounts in 2018. In credential stuffing, hackers use automated programs and stolen account information to attempt access to other online sites. The attacks can be successful when people use the same password for multiple accounts. Hackers often target streaming services during these attacks since breached accounts can be sold or used for video piracy.
According to Akamai's research, three massive credential stuffing attacks on video services in 2018 occurred after data breaches. That shows hackers were testing stolen IDs before selling them. The three attacks ranged from 133 million to 200 million login attempts.
Akamai discovered video tutorials online that show novice hackers how to perform credential stuffing with step-by-step instructions. The U.S. is the leading country originating credential stuffing attacks, followed by Russia and Canada. For consumers, the best defense is ensuring they use different usernames and passwords for every account.
"Many accounts compromised via credential stuffing will sell for as little as $3.25 USD," the report notes. "These accounts come with a warranty: If the credentials don’t work once sold, they can be replaced at no cost, which is a service sellers offer to encourage repeat purchases. The reason this service exists is that brands have become increasingly quick to detect compromised accounts and deactivate them."
Akamai's data comes from "State of the Internet/Security: Credential Stuffing: Attacks and Economies," available for free download (no registration required).
Related Articles
After huge data breaches at Facebook and LinkedIn, it's time for every OTT service to pay serious attention to protecting user data.
12 May 2021
Twenty percent of credential stuffing attacks directed toward media companies according to "Akamai 2020 State of the Internet / Credential Stuffing in the Media Industry" Report
16 Jul 2020
Providing flawless live streaming quality has never been more complex—or essential. However, relying on performance monitoring, real-time communications, and AI can ensure satisfied end-users.
01 Oct 2019
Data breaches aren't just a concern for financial platforms. Hackers also target OTT platforms. Here are three best practices for keeping subscriber data safe.
31 Jul 2019
Broadcasters see a day coming when they won't use satellites at all, but can streaming handle the demand? Akamai explains how to beat the bottlenecks.
13 Jun 2019
The total number of subscriptions will grow by 439M from 2018 to 2024—an 86% increase—reaching 947M. In 2019 alone, the number will increase by 119M.
03 Jun 2019
With security threats for premium video increasing, security technology must rise to the challenge. Akamai launches a variety of improvements for content protection.
04 Mar 2019
Reducing latency for HTTP Adaptive Streaming video to 3 seconds or less is possible, but it requires a complex workflow.
10 Oct 2018
Several sessions at Black Hat 2007 showed the need to continue to develop lean code and close potential vulnerabilities in media players that might be exploited by hackers.
Friday, Aug. 10, by Tim Siglin
10 Aug 2007