As the pandemic hit globally, restricting people at their homes, thus causing a huge rise in the number of people subscribing to Netflix and other entertainment streaming services. But at the same time, it paved way for some people in illegal cyber businesses.
Australian Federal Police (AFP) recently investigated stolen subscription services which resulted in an Australian man getting sentenced for almost two years. A 23-year-old Sydney citizen, Sold at least 85,925 subscriptions to illegally access Netflix, Spotify, and Hulu, which are legitimate streaming services.
The case went to court and the court-ordered sentence for the offender. He has been ordered by the court to serve 200 hours of community service. He was involved in several online subscription services as the creator and administrator which were dependent on stolen credentials. He was also the primary financial beneficiary.
In March, at a Dee Why residence, a research investigation took place. A laptop that was used to run the operation and around AU$35,000 cryptocurrency, was confiscated as the consequence. The sentencing followed the execution of a search warrant. The current value is approximately AU$1.65 million of the combined assets of the restrained property.
The Federal Bureau of Investigation (FBI) referred information to the AFP in May 2018, after which the investigation began. AFP said that the data was about WickedGen.com which is an account generator website. WickedGen enforced selling theft account information. These were later used for online subscription services, including Netflix, Spotify, and Hulu for almost two years. This all pointed out the Australian man as the creator, administrator, and primary financial beneficiary of three more “account generator” websites which are;
A record of the past looted or stolen usernames, corresponding passwords, or email addresses were reused and also sold for malicious purposes through the credential stuffing. This helped in gathering the account information of users in Australia and abroad.
According to the reports of AFP, the offender possessed at least 152,863 registered users and he sold at least 85,925 subscriptions to illegally access legitimate streaming services like Netflix, Spotify, etc across the four subscription services to the people. By selling out subscriptions via these sites, the man earned at least AU$680,000 through PayPal.
AFP cybercrime operations commander Chris Goldsmid said.
“The harvesting and selling of personal details online was not a ‘victimless crime’ — these were the personal details of everyday people being used for someone’s greed. These types of offenses can often be a precursor to more insidious forms of data theft and manipulation, which can have greater consequences for the victims involved.”
The AFP-led Criminal Assets Confiscation Taskforce (CACT) tackled the action. The CACT was formed in 2011 as part of a multi-agency crackdown on criminal assets and comprises the AFP, Australian Criminal Intelligence Commission, Australian Taxation Office, Australian Transaction Reports and Analysis Centre, and Australian Border Force.
The man was charged with “unauthorized access to (or modification of) restricted data, dealing in proceeds of crime etc.” — money or property worth $100,000 or more, providing a circumvention service for a technological protection measure, and dealing in identification information and false or misleading information. He was charged with several cybercrimes and thus sentenced by the court.