NordVPN, in cooperation with cybersecurity researchers, has found stolen data records from 16 million computers worldwide. The company notes the stolen data “ended up on the dark web after the computers got infected with Zeus, Pony Stealer, RedLine, Raccoon, and dozens of other types of malware built specifically for capturing login credentials saved on computers. As a result, 174,800 content streaming accounts ended up on the market for a resale.”
What has been stolen?
Daniel Markuson, a digital privacy expert at NordVPN said: “If you have ever saved your credentials in a browser, including your streaming service logins, your home address, or, even worse, your credit card data, malware like Zeus, Pony Stealer, RedLine, or Raccoon would take it all.
“More than that, bad actors also get information about your usernames, location, and hardware configurations and might take control over your device. Malware like that is not easy to get. It’s sold underground on a subscription basis.”
NordVPN’s data breach research partners evaluated a database that contained information leaked from 16 million computers in total, and estimate that the damage inflicted on users of streaming services alone could round up to $38M, with the damages calculated based on the most popular streaming service premium plan price for 12 months.
We’re told that Netflix users suffered the most: 61% of all stolen streaming credentials are associated with one of the most popular streaming platforms online. This was followed by Spotify (25%) and Amazon Prime (7%). Combined with Hulu, Vimeo, and Disney+, 174,800 thousand accounts have been stolen and are now being sold online.
Who was most affected?
According to NordVPN’s researchers, “half a million American internet users and more than a third of a million Canadians managed to download and install the malware that stole their credentials”.
Markuson added: “One day, these people will find themselves locked out of their accounts, unable to access it because the account got sold, its password changed, and the initial email associated with it replaced.”
However, users from the US and Canada are not the ones who were affected the most. NordVPN notes that “as many as 1.8M Indonesians got their data stolen and leaked, and the country alone represents 11.4% of all infected devices in the world. India, Brazil, and Argentina come next, with 1.2M computers affected each.”
Malware that extracted information from 16M internet users worldwide is built to harvest information from browsers.
Australia is not in the top 20 list, but that doesn’t mean Australians shouldn’t be complacent, nor anyone from any country. After ,all, Australia did hit the list in 35th spot out of 99 countries) with 89,740 computers affected - has your account been stolen?
Here is the list of the top 20 countries by the number of computer users affected by the data leak the cybersecurity researchers discovered:
Country Computer users affected
1 Indonesia 1,826,949
2 India 1,259,684
3 Brazil 1,159,770
4 Argentina 1,150,360
5 Pakistan 541,667
6 Italy 516,479
7 U.S. 511,176
8 Russia 487,224
9 Philippines 389,703
10 Egypt 388,206
11 Vietnam 371,899
12 Canada 368,334
13 China 358,670
14 France 300,398
15 Spain 284,444
16 Thailand 246,337
17 Turkey 233,684
18 UK 214,864
19 Bangladesh 214,620
20 Ukraine 202,555
What happens to stolen Netflix accounts?
We’re told that streaming service accounts are a very common exchange unit on the dark web.
Here, Markuson says he has “observed hackers simply sharing it for free, as it takes almost no effort to obtain them. On the other hand, eBay and other classifieds are full of offers to get access to a streaming service for half the price.
“One listing on eBay reads: “Netflix Account Premium 4K ultra HD 4 Screens 12 Months. Instant delivery within 1 min to 12 hours Worldwide. You can change your password, your email and your phone number. Works on your TV, computer, smartphone and tablet.” The price for the stolen annual subscription is US $19.99, when the official one costs $215.88.
“There is no doubt such accounts came from leaked computer data or acquired through other illegal activities. People who think it's a good idea to spend your money on that are contributing to theft,” continued Markuson.
So, how can you protect your data from being stolen and streaming service accounts from being taken over?
NordVPN tells us “Netflix and other streaming services accounts found by the cybersecurity researchers got leaked after users injected their computers with malware by clicking on a link or file distributed via email or private messaging apps.
“Such attacks often succeed for two reasons: lax cybersecurity protections and human error. Criminals prey on urgency and deceit.
“People think they are clicking on a link or opening an attachment from a trusted source provided in an email. Once they do, malware code gets executed on their device and secretly starts draining data from the victim's computer.
“Before opening any link or any attachment whatsoever, one must be 100% sure it’s legitimate,” warned Markuson.
According to the cybersecurity expert, “Another issue is that people barely use cybersecurity protections like VPN and antivirus. And, if they do, they fail to keep them up to date. The combination of the two could block the way to malware installation.
“What people must understand is that the stolen login credentials to streaming services are just a fraction of what has been leaked. Unencrypted files ended up on the dark web too. The best way to prevent this from happening to you is to start using protection tools like NordLocker that encrypt data and keep it safe in the cloud. Without a decryption key this information is useless,” Markuson concluded.
iTWire’s advice is simple:
- Use a password manager. Personally, I’ve been using 1Password for years, but Nord also has a solution called NordPass which is one of the many password managers out there that can ensure you have a different password for each account, and that the password used is long and complex - and you only have to remember a single password to access all the others.
A password manager also fills out the username and password for the sites and apps that need it.
- Change your passwords on a regular basis - at least every six months. Yes, it’s a pain to do this, but if you change your passwords regularly, then even if they leak, they’ll be out of date. Change your Netflix, Spotify, Apple ID, Google ID, your phone login code and more.
- Activate two or multi-factor authentication. Whether it’s the Google Authenticator or similar apps, it’s safer and faster than receiving a text message with a code to type in, and most major online services offer this capability.
- As Markuson advises, use a VPN and use Internet security software. Whether that software is Acronis, Norton, Kaspersky, AVG, Avast, Trend Micro, BitDefender, Malwarebytes or others, it’s vitally important that you use these. Personally I like to use one of these solutions plus Malwarebytes plus a VPN, with NordVPN the particular VPN that I use, but there are several reputable ones to choose from (and several dodgy free ones too, which you should avoid).
- Update your apps, update your OS, and have at least one physical and one cloud-based backup.
- Finally, as Markuson notes, be wary of attachments in emails, pop-ups on websites promising updates of Abode products and downloads from the Internet that you’re unsure about. Also, if you think you’ll save money by looking for and installing pirate software, that kind of software is almost always packaged with malware, which can prove to be very expensive.
So, with major companies and online services seeming to be breached every week, if not every day, it really is important to use strong passwords and use affordable software to protect your digital life and your bank account. Be safe!