Tag Archive for: Streaming

Best VPN for streaming: Fire Stick, Netflix & more

/in


glenn-carstens-peters-eoqhsffbhrk-unsplash.jpg

Image: Glenn Carstens Peters via Unsplash

This is a sensitive topic. Owners of entertainment content go to great lengths to control the distribution of their wares, especially when it comes to international markets for movies and TV, and even local regions for black-out sporting events. By contrast, VPN vendors go to great lengths making the case that you can use their services to bypass all those restrictions. 

But there are times where, legally, you might want to use a VPN to watch a movie or video. If you’re traveling, you can VPN back to your home country and use your home streaming service account to watch your favorite show. That said, it is, at best, a legally gray area.

VPNs and set-top boxes and streaming sticks don’t all work together well. The exception to this is the Amazon Fire TVs and Fire TV Sticks, and any Android TV box. The XGIMI Halo projector I recently spotlighted in an outdoor theatre project is one such device. But, if you’re using a Roku, and Apple TV box, or any smart TV not running Android TV, you’re forced to jump through a bunch of hoops, connecting your router up as a VPN, or connecting your TV as a client to your Mac or PC and using that machine’s VPN-protected network.

Honestly, if you want to watch streaming TV through a VPN, just get a Fire TV stick and be done with it. It’s the easiest and least expensive path.

Excellent documentation, even for streamers without native apps

express-streaming.png

  • Native Streaming Apps: Fire TV, Android TV, Nvidia Shield TV
  • Simultaneous Connections: 5 or unlimited with the router app
  • Kill Switch: Yes
  • Platforms: A whole lot (see the full list here)
  • Logging: No browsing logs, some connection…

Source…

Fraudsters Go for Olympics Gold Attacking Streaming Sites, but are Foiled by Arkose Labs

/in


Since the establishment of the Olympic Games in ancient Greece in 776 B.C., the event has been an occasion for athletes and competitors from around the world to test their skills against the very best. This year, while many of us marveled at the amazing feats in gymnastics, track & field, swimming, and more, some fraudsters were attacking streaming sites to show off their skills in the realm of credential stuffing. While they aimed for gold in this particular dark art, they were foiled by Arkose Labs. 

The Arkose Labs platform protects one of the most prominent and popular streaming media platforms, which also was one of the platforms that broadcast the Olympic games. During the games, Arkose Labs detected a much higher spike in traffic coming to the streaming platform than normal. Much of this, however, was not simply an increase in viewers coming to watch feats of athletic strength and speed, but fraudsters performing credential stuffing attacks. In fact, credential stuffing attacks spiked by 52% during the week of the opening ceremony, peaking during the closing ceremony. 

Credential stuffing is one of the major attacks that powers account takeover fraud. It is when fraudsters use automation to run millions of username and password combinations on accounts until they get a match. Years of data breaches have exposed these usernames and passwords, and large lists can be purchased on the Dark Web for relatively little. Some even post them for free on sites like Pastebin. 

Account takeover attacks are highly popular among fraudsters because of the numerous ways they can be monetized. They can drain money from an account or steal personal information and resell it to other criminals. They can use the compromised accounts to launder or move stolen money obtained from another crime. And there are many industry-specific paths to monetization as well.

RECOMMENDED RESOURCE

A New Approach to Fraud Prevention

In attacking streaming sites, fraudsters often seek to launch mass attacks at scale, since these accounts are not as lucrative as, say, financial accounts. This means fraudsters need volume to make money and gain access to as many accounts as possible to resell…

Source…

Hackers using fake streaming site to distribute BazaLoader dropper

/in


Security researchers at Proofpoint have uncovered a new phishing campaign that involves hackers luring unsuspecting Internet users into downloading the BazaLoader malware dropper by making they believe they erroneously subscribed to a movie streaming service.

The phishing campaign, first discovered in early May by Proofpoint, involved hackers setting up a fake movie-streaming website called BravoMovies and populating the site with fake movie posters and additional content to make it appear genuine to unsuspecting visitors.

The hackers then proceeded to send carefully-crafted emails to hundreds of recipients, informing them that they had subscribed to BravoMovies, that they were on a 30-day free trial, and will be charged $39.99 a month after the end of the trial period. The recipients were, however, given the option to unsubscribe by calling a customer service number. The emails themselves did not contain any malicious attachments.

Once a curious recipient of the email calls the customer service number, they are directed by the fraudsters to navigate to the Frequently Asked Questions component of the website, and follow the instructions to unsubscribe via the “Subscribtion” page, and download an Excel sheet to complete the process. According to Proofpoint, the Excel sheet contains macros that, if enabled, will download BazaLoader, a downloader written in C++ that is used to download and execute additional modules.

“BazaLoader is a downloader written in C++ that is used to download and execute additional modules. Proofpoint first observed BazaLoader in April 2020. It is currently used by multiple threat actors and frequently serves as a loader for disruptive malware including Ryuk and Conti ransomware. Proofpoint assesses with high confidence there is a strong overlap between the distribution and post-exploitation activity of BazaLoader and threat actors behind The Trick malware, also known as Trickbot,” the security firm said in a blog post.

“Proofpoint has observed BazarLoader threat actors using the method of phone-based customer service representatives to direct malicious downloads since February 2021. Security researchers have dubbed this method…

Source…

The Bizarro Streaming Site That Hackers Built From Scratch 

/in


Fake landing pages are already a staple of cybercriminal trickery. Hackers have created have created hundreds of Netflix and Disney+ knockoffs in recent years. The BazaLoader group has made fake sites before, too, including a convincing impersonation of a lingerie retailer. But BravoMovies really does go above and beyond.

“We have not seen an entire fake streaming site created before,” says Sherrod DeGrippo, senior director of threat research and detection at Proofpoint. “This is a creative next level of social engineering.”

The details don’t always hold up to close scrutiny, but they give at least a light veneer of credibility to the enterprise. The BravoMovies homepage boasts of not only HD but “Full HD” and 4K streams. Its category offerings are familiar, even if the titles are decidedly not. It advertises mainstream perks like downloads for offline viewing and compatibility with a range of devices (including, confusingly, Blu-ray players).

To create convincing thumbnail posters of films, the attackers raided design-focused social network Behance for images, along with an advertising firm and a book called How to Steal a Dog. The results tilt toward the absurd, but honestly not much more so than what you might find at the bottom of your Netflix queue.

Screenshot: Proofpoint

To the extent that errors do jump out, well… maybe they do for you. “We’ve seen phishing pages that are built on free website builder sites and look like a child made them, and those are still successful,” says Hassold. “If someone has gotten to the point that they’ve made it to this landing page, the small spelling errors that most people would likely see and would raise a red flag are probably not going to move the needle very much.”

The scope of the campaign remains unclear, as does its ultimate goal. As a backdoor, BazaLoader acts as a sort of staging area for more purpose-built malware that comes later. Think of it as the Bifröst bridge of Norse/MCU legend, but offering passage for ransomware rather than surly Viking gods. whatever else rather than than a a path ransomware and whatever else are the Asgardians that actually make trouble. ProofPoint says it hasn’t detected…

Source…