Sat. Jun 6th, 2020

Streaming Piracy Apps Are Being Used to Steal User Data

A new report from security experts at Digital Citizens Alliance (DCA) and Dark Wolfe Consulting found that many streaming devices are rigged with malware.


To assess the streaming piracy ecosystem, researchers picked six streaming devices that use the Kodi Platform. The Kodi devices, sometimes called ‘Kodi boxes’ or ‘jailbroken Fire TV sticks’ are popular amongst users because they are simple to set up, they are sold on popular online auction sites, and they simplify users’ access to pirated content. However, these devices are loaded with security issues.


“What most users don’t realize is that plugging one of these devices into their home network is like pulling a trojan horse in through the front door,” researchers said.


Even more, the devices are easy for hackers to exploit. The researchers conducted over 500 hours of testing and some examples of security issues include:

  • Malware that forwarded users’ WiFi network and password to hackers, after downloading Mobdro — the movie and live sports streaming app
  • Malware that attempts to steal login credentials for valid subscriptions, such as Netflix
  • Malware that probed users’ network for vulnerabilities that would allow hackers to access additional files and devices


Additionally, Digital Citizens Alliance (DCA) and Dark Wolfe Consulting also partnered with security experts at GroupSense, who assisted them by infiltrating Dark Web chatrooms. And they found that hackers were discussing various ways to exploit vulnerabilities in pirated apps. Other chats discussed how to get information stored on devices such as pictures, credit cards, and passwords.


Sadly, despite the rapid increase of piracy devices rigged with malware, the researchers noted that consumers are still unaware of the risks.