Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Crime Entertainment

Man Arrested For Selling One Million Netflix, Spotify, Hulu Passwords (bitdefender.com) 25

Police in Australia have arrested a man who allegedly made AU $300,000 (US $211,000) running a website which sold the account passwords of popular online subscription services including Netflix, Spotify, Hulu, PSN, and Origin. From a report: The 21-year-old man was arrested on Tuesday in Sydney, Australia, following an international investigation by the FBI and the Australian Federal Police into the website Wicked Gen. The Wicked Gen website bragged that it had over 120,000 users and almost one million sets of account details, offering monthly and yearly membership plans for those who wanted "access to thousands of premium accounts across a huge range of services." The account passwords, however, were not obtained via legitimate means. Instead the details were typically obtained through credential stuffing using swathes of usernames and passwords leaked through other data breaches, without the knowledge of their genuine owners.
This discussion has been archived. No new comments can be posted.

Man Arrested For Selling One Million Netflix, Spotify, Hulu Passwords

Comments Filter:
  • Now I can no longer stream.
  • So basically people reusing the same login and password across different web sites.

    tl;dr Use a password manager.

    • by vinn01 ( 178295 )

      "Credential Stuffing" has got to be one of the worst descriptive tech terms. Just say "Password Reuse".

      It's not much of a hack to find a password and see what other websites the same password works on. Given that every fricken website uses email address for a username, once you have a email/password pair, you know the same pair is probably going to work elsewhere.

  • Kind of interesting story when you try to figure out who the real victims were, far more complex than it might seem at first. So the people who bought those usernames and passwords, well they were naughty people and knew full well what they were doing and yet in reality, once the actual holder of the username password finds out, they alter the account and the person who bought it has nothing, they can not lock the real user out because they will simply stop paying, so they knowing buyer is defrauded because

    • So the people who bought those usernames and passwords, well they were naughty people and knew full well what they were doing and yet in reality, once the actual holder of the username password finds out, they alter the account and the person who bought it has nothing, they can not lock the real user out because they will simply stop paying, so they knowing buyer is defrauded because they buy nothing, over the medium term.

      If the Energizer bunny was a sentence it would be this one.

  • I bet he gets more jail time than Manafort. The system is fucking broken.

  • So wait. This guy set up his site for selling stolen credentials on the CLEARNET? Did he accept payment in PayPal as well? What an idiot. Doesnâ(TM)t he know, situations like this are why God invented the darknet?

If all the world's economists were laid end to end, we wouldn't reach a conclusion. -- William Baumol

Working...