PSA: Streaming piracy apps are being used to steal user data

A new report reveals concerning security issues surrounding streaming piracy apps, including products that provide unauthorized access to live television channels and premium video platforms. Non-profit organization Digital Citizens Alliance has detailed the problem in a new report revealing how these apps take advantage of users to mine login credentials, steal user information, and more.

Streaming devices, such as set-top boxes and HDMI sticks, have become a common way for consumers to watch videos. These devices typically provide access to official video apps via an app store, such as the Roku Channel Store and Amazon Appstore. However, a number of guides also provide instructions on using select devices, such as the Fire TV Stick, to access pirated content.

According to the new report, hackers are targeting this 'rogue market' to spread malware among users. There are more than 12 million people in North America who are using these devices, according to the researchers, and the malware that targets them has been found to steal login credentials, upload data without permission, probe networks for vulnerabilities, and more.

The report specifically names the 'jailbroken' Fire TV Sticks and 'Kodi boxes' that have become popular among video pirates. These devices simplify access to pirated content, are simple for users to setup, and often sold through popular online shopping destinations, such as auction websites.

Examples of security issues revealed by the report include malware that forwards the user's WiFi network name and password to hackers, malware that attempts to steal login credentials for valid products like a Netflix subscription, and malware that probes for other devices on the network to infect. Despite the proliferation of this malware, the researchers noted that many consumers remain unaware of the risks.