The hackosphere has a new twist -- hackers going after consumers who watch pirated content.
A new study by the Digital Citizens Alliance investigation lays out a bizarre narrative where hackers go after consumers who are cheating the system via piracy apps to get video content like Netflix for free. But -- and here’s where it gets interesting -- the hackers then deposit malware into the consumers’ piracy apps in hopes of snaring usernames, passwords, and the like.
The new study focuses on downloads from rogue apps, piggybacking an earlier study ConsumerAffairs reported on regarding downloads from websites.
Here’s what was discovered:
As soon as an Alliance researcher downloaded Mobdro -- and app that touts it can “find free video streams online and brings them to your Android smartphone or tablet to enjoy” -- malware within the app forwarded the researcher's Wi-Fi network name and password to a server that appeared to be in Indonesia.
Once inside the server, malware then went after vulnerabilities that might give it access to files and other devices the consumer might have. In Alliance’s test, the malware skated off with 1.5 terabytes of data from the researcher's device.
Who’s to blame?
This is where it gets tricky. Of course, pirating content is illegal, but Alliance puts the onus on the users themselves who are assisting the hackers by giving them direct access to their home network.
"What the investigation shows is that as piracy shifts from websites and downloads to devices and apps, hackers are adapting and finding new ways to exploit consumers," said Tom Galvin, Executive Director of Digital Citizens. "Consumers think these devices are like an Apple TV or Roku device, but they have a distinct difference: they have little to no incentive to protect their users. In other words, they are perfect for hackers."
Galvin says the threat is doubly alarming because the consumer is, in effect, “escorting” the hacker past vital network security.
“And it all starts so simply. A user purchases a device loaded with apps that offer free access, for example, to the latest movies in theaters or live broadcasts of Major League Baseball games. These devices – sometimes known as “Kodi boxes” or “jailbroken Fire TV Sticks” – look and behave like a Roku box, Apple TV or other legitimate devices. But instead of accessing legitimate services like Netflix or Hulu, they link to pirate apps,” Galvin said.
These devices are becoming popular. According to a Digital Citizens research survey of 2,073 Americans, 13 percent reported that they have a device that offers pirated content in their home. The majority of Americans (59 percent) said that “most consumers are probably unaware of the security risks that can occur when plugging one of these devices into a home network.”
Hackers are smart. Consumers need to be smarter
You can imagine that having access to 13 percent of Netflix’ nearly 150 million users is quite a field day for hackers. Lying in wait, hackers bank on the presumption that the freebooting consumer is so caught up in the joy of being able to buy something for $75-100 that gives them access to content for free, the consumers doesn’t pay attention to the possibility that one of these apps can wreak havoc.
“Consumers should use devices made by companies they know and shop at app stores that they can trust,” Galvin told ConsumerAffairs. “If it’s jailbroken, it means you get more choices, but you're also more likely to get malicious apps that can infect your devices."
"Our research strongly suggests that engaging in dangerous online activity, such as using piracy devices and apps, increases your risks. Americans who said they used these devices were six more times likely to report a problem with malware.”
The Digital Citizens investigation was conducted in conjunction with Dark Wolfe Consulting, a cybersecurity company that specializes in network security, penetration testing, and targeted malware collection.