sb-eu logo
Story image

Disney+: Is it safe to subscribe?

Users are being advised to follow best practice when it comes to online service platforms, in the wake of the launch of Disney+ into the market. 

"While the market has been largely speculative about Disney+ and Netflixs reign as the top OTT service provider, Disney+ seems to have fallen shortly behind with its subscribers recently falling victim to credential stuffing, a technique attackers use to steal passwords to gain access to accounts," explains John Shier, senior security advisor, Sophos.

"News reports have also said that thousands of hacked Disney+ accounts are already up for sale on hacking forums."

Shier says many Disney+ users are reporting that they have been locked out of their accounts. Disney+ has responded by saying they have no evidence of a breach. 

"Our experience suggests that this is likely the result of a credential stuffing attack, a phishing campaign against Disney+ users or the result of credential stealing malware on users' devices," he explains.

"Credential stuffing is when cybercriminals use leaked credentials from one website which could already be for sale on the dark web and try those same credentials on other online services," says Shier. 

"This breach is a prime example of the importance of having unique passwords across all of your online services. 

"As we've seen time and time again, cybercriminals are just as lazy as the rest of us. If they can get away with using a persons previously compromised passwords across different services, that will be their default," he says.

"Excitement has been building for Disney+ and while it's in limited release, people will seek out alternative means to use the platform, even if that includes using someone else's password," Shier says. 

"It also means that cybercriminals would likely take this opportunity to send out Disney+ phishing campaigns to net as many victims as possible and cash in on the hype. 

"Opportunistic cybercriminals deploying credential stealing malware may be identifying Disney+ accounts in their collected data and offering them for sale separately because of the buzz associated with this new platform," he explains.

Unfortunately, says Shier, the Disney+ platform does not appear to offer any kind of multi-factor authentication, which would thwart these kinds of attacks against online services.

Whatever the root cause, Shier says users of online services should incorporate these tips into their everyday cybersecurity practices:

  • Dont reuse passwords, as old breaches can come back to haunt you when cybercriminals use passwords from past breaches
  • Provide as little personally identifiable information online as possible
  • All services, such as Disney+, should offer multi-factor authentication to ensure that passwords are protected and not the only means of defence.
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
Cryptomining trojan malware discovered by ESET researchers
The malware, primarily targeting victims in Czechia and Slovakia, prioritises subterfuge through deployment of multiple techniques to avoid detection, and leans heavily on the Tor network and BitTorrent protocol to achieve its goals.More
Story image
Evolving threat landscape top priority for security and risk leaders
"COVID-19 has proved how rapidly and how drastically such risks can change."More
Story image
Phishing scam imitates SharePoint & OneNote for nefarious clicks
Sophos researchers say that the attackers take a slightly different approach to the standard ‘fake login’ phishing email.More
Story image
Why it’s essential to re-write IT security for the cloud era
Key components of network security architecture for the cloud era should be built from the ground up, as opposed to being bolted on to legacy solutions built for organisations functioning only on-premises or from only managed devices.More
Story image
High-tech heist: why fending off ransomware attacks is more challenging than ever in 2020
The COVID-19 crisis has unleashed a wave of sophisticated and disruptive ransomware attacks, and the onus is on businesses to ramp up their security measures if they’re to avoid falling victim, writes Attivo Networks regional director for A/NZ Jim Cook.More