Save your FREE seat for Streaming Media Connect this August. Register Now!

Akamai Finds Widespread SVOD Credential Attacks From Hacking

Article Featured Image

Content delivery network Akamai is calling attention to a form of identity theft called "credential stuffing," which impacted millions of subscription video, music, and gaming accounts in 2018. In credential stuffing, hackers use automated programs and stolen account information to attempt access to other online sites. The attacks can be successful when people use the same password for multiple accounts. Hackers often target streaming services during these attacks since breached accounts can be sold or used for video piracy.

News 1According to Akamai's research, three massive credential stuffing attacks on video services in 2018 occurred after data breaches. That shows hackers were testing stolen IDs before selling them. The three attacks ranged from 133 million to 200 million login attempts.

Akamai discovered video tutorials online that show novice hackers how to perform credential stuffing with step-by-step instructions. The U.S. is the leading country originating credential stuffing attacks, followed by Russia and Canada. For consumers, the best defense is ensuring they use different usernames and passwords for every account.

"Many accounts compromised via credential stuffing will sell for as little as $3.25 USD," the report notes. "These accounts come with a warranty: If the credentials don’t work once sold, they can be replaced at no cost, which is a service sellers offer to encourage repeat purchases. The reason this service exists is that brands have become increasingly quick to detect compromised accounts and deactivate them."

Akamai's data comes from "State of the Internet/Security: Credential Stuffing: Attacks and Economies," available for free download (no registration required).

Streaming Covers
for qualified subscribers
Subscribe Now Current Issue Past Issues
Related Articles

OTT Platforms Need to Focus on Cybersecurity

After huge data breaches at Facebook and LinkedIn, it's time for every OTT service to pay serious attention to protecting user data.

Akamai Data Shows Credential Stuffing is Rampant in Media Industry

Twenty percent of credential stuffing attacks directed toward media companies according to "Akamai 2020 State of the Internet / Credential Stuffing in the Media Industry" Report

Akamai Offers Best Practices for Troubleshooting Live Streams

Providing flawless live streaming quality has never been more complex—or essential. However, relying on performance monitoring, real-time communications, and AI can ensure satisfied end-users.

Akamai Explains the Security Risks With Streaming Video Services

Data breaches aren't just a concern for financial platforms. Hackers also target OTT platforms. Here are three best practices for keeping subscriber data safe.

Akamai Looks to the Future of Broadcast at Edge World Conference

Broadcasters see a day coming when they won't use satellites at all, but can streaming handle the demand? Akamai explains how to beat the bottlenecks.

Number of Global SVOD Subscriptions to Near 1B by 2024: Report

The total number of subscriptions will grow by 439M from 2018 to 2024—an 86% increase—reaching 947M. In 2019 alone, the number will increase by 119M.

Akamai Intros Enhancements at the Edge, Securing Premium Video

With security threats for premium video increasing, security technology must rise to the challenge. Akamai launches a variety of improvements for content protection.

Akamai Announces Support for Ultra-Low Latency With CMAF

Reducing latency for HTTP Adaptive Streaming video to 3 seconds or less is possible, but it requires a complex workflow.

Players and Codecs Come Under Hacker Scrutiny

Several sessions at Black Hat 2007 showed the need to continue to develop lean code and close potential vulnerabilities in media players that might be exploited by hackers.
Friday, Aug. 10, by Tim Siglin