Disney+ Accounts Hacked Within Hours of Launch

Ostra Prevents Info-Stealing Malware

Disney+ streaming service launched last week, and only hours later thousands of stolen account credentials were up for sale. Disney customer complaints flooded popular social media networks like Twitter and Reddit, reporting that hackers accessed their accounts, changed email and passwords to take over the account, locking the rightful owner out. This crime of opportunity was possible in part because users tend to reuse passwords which were leaked and used by hackers to gain access to the new Disney+ accounts. In many instances, however, passwords unique to the Disney+ streaming service were obtained through the use of “keylogging” malware.

As the name implies, this type of malware works behind the scenes of an infected computer, sniffing out the keystrokes while the system continues to operate normally. The software can steal passwords, take screen shots, record viewed web pages, grab sent emails and instant messages, as well as sensitive financial information such as credit card numbers, PIN codes, and bank accounts. All of this data is sent over the network to a remote computer or web server where the person operating the logging program can retrieve and sell it to third parties for criminal purposes.

Malware creators know that most people use popular antivirus or anti-keyloggers so they create sophisticated malware to bypass it — much like if everybody used the same door lock, the criminals would only need to learn how to pick one lock. Ostra’s security platform is different from popular anti-virus programs because it tests the intention of keylogging malware before it can install and start spying; and detects when stolen data is being transmitted.

Thousands of hacked Disney+ account illustrate how easy keylogging malware can be used for credential theft. Protect yourself from info-stealing malware with Ostra’s Enterprise Grade security solution.