A new investigation on stolen subscription service credentials is being launched by the official Australian Federal Police or AFP. This then resulted in a sentence of two years and two months for a certain man from Sydney. The 23-year-old was given a sentence to be served by way of what was noted as an "intensive corrections order."
Online Subscription Service Scam
According to ZDnet, the order was served due to the man's involvement as a creator, administrator, and even the primary financial beneficiary of a lot of different online subscription services, which actually relied heavily on stolen credentials. He also reportedly had been ordered to serve 200 hours of community service by the court.
The sentencing followed the search warrant back in March at a certain Dee Why residence. It resulted in the seizure of a particular laptop that was reportedly used to run this operation as well as about AU$35,000 in cryptocurrency. The combined assets of the supposed restrained property currently has a value of about AU$1.65 million.
FBI on AFP Findings
The investigation reportedly began shortly after the official Federal Bureau of Investigation or (FBI) had referred information to the AFP back in May of 2018. According to the AFP, the information was actually regarding a certain account generator website that was called WickedGen.com. WickedGen actually operated for about two years by selling stolen account details for certain online subscription services which include Spotify, Netflix, and Hulu.
The AFP also said that it was able to further identify the Sydney man to be the actual creator, administrator, and still the primary financial beneficiary of three other "account generator" websites called HyperGen, Autoflix, and also AccountBot. The account details of certain users in Australia as well as abroad were then confirmed through actual credential stuffing.
Stolen Credentials for Netflix, Spotify, and Hulu
This man's act allows the list of previously stolen or otherwise leaked usernames, email ads, and their corresponding passwords to all be re-used and even sold for unauthorized use. The AFP also came across four other subscription services wherein the offender had over 152,863 registered users and also provided at least 85,925 subscriptions for people to illegally access the legitimate streaming services.
The man then received over AU$680,000 through PayPal, according to AFP, by selling subscriptions through these different sites. According to an article by MirageNews, the harvesting and the selling of people's personal details online was more than just a "victimless crime" since they were still personal details of other everyday people that were used for people's greed.
The statement was according to Chris Goldsmid, AFP cybercrime operations commander who also noted that it was also these types of offences that can often be an actual precursor move towards even more insidious forms of data theft and data manipulation. These can then have higher consequences for the other victims involved.
This article is owned by Tech Times
Written by Urian B.