Hacked Entertainment accounts, such as Netflix, Hulu and Disney+, are selling illegally on the Dark Web for less than $15, a 2022 Whizcase review has found.
The most abundantly available accounts are social media, with darknet markets full of hacked social media profiles retailing for just $6 per hacked account.
The cheapest hacked accounts were from Reddit, TikTok, and Pinterest, going for between $6 and $9. A hacked Instagram account is $12, while the most expensive hacked social profile was LinkedIn, which sold for around $45 per account.
The study by Whizcase offered a window on the trends and prices of illegally sold hacked social media and entertainment accounts on the dark web based on data gathered from January-September 2022.
The report unearthed a flourishing marketplace for hacked entertainment service accounts:
- LinkedIn account: $45
- Facebook account: $14
- Instagram account: $12
- Discord account: $12
- Snapchat account: $12
- TikTok account: $8
Entertainment account prices begin at as little as $6 for a SoundCloud account, Amazon Prime Video ($9), and then HBO Max is $10.
Hulu and Twitch accounts cost $11, while Spotify and Netflix retail for $12, reaching $14 for a Disney+ account and $15 for an Apple Music account.
The full data set can be found here: https://whizcase.com/dark-web-social-media-prices/
Most of these are obtained from social engineering or phishing campaigns after hackers have compromised users' email addresses used at registration.
Usually, these accounts are linked to their original owners' payment processing solution, which the hackers often compromise.
The original owners are locked out of these accounts, unable to unlink their card details from them. The only solution in these situations is to cancel the attached credit or debit card.
A hacked Gmail account is the most expensive item for communication and live chat tools at about $45. WhatsApp, Skype, and Telegram accounts can be as little as $18, $6, and $8, respectively.
Instead of selling their "loot," many hackers use compromised accounts to run "sophisticated bot farms" for social media engagement manipulation.
The advantage of this versus setting up direct bot accounts is that the hacked accounts originally belonged to real people, meaning the manipulation campaigns will be much harder to detect by social networks.
The research shows that buying social media engagement is also extremely cheap. For just $25, one could buy 1,000 Twitter retweets from seemingly legitimate accounts.
For just $8, one could buy 1,000 Facebook likes to a page or a post. It is often possible to choose the country of origin for the Likes or retweets for a few extra bucks.
Whizcase research compiler Alex Popa said: "Keeping social media and entertainment software accounts secure reduces social disruption, identity fraud, and outright theft."
He added, "The impact of such hacks and software cyberattacks could be used to help spread misinformation, scam or steal your money or gaming tokens, and, ultimately, steal your identity.
Once they breach your personal account information, attackers will go on a spending spree or commit crimes in your name."