FOCUS MODE
EXTRACT IOC
Threat Research

More Than Music: The Unseen Cybersecurity Threats of Streaming Services

admin
More Than Music: The Unseen Cybersecurity Threats of Streaming Services
In an alarming trend, attackers are increasingly targeting popular streaming services like Spotify to steal personal and financial information. Cybercriminals exploit usersโ€™ trust through phishing emails that impersonate legitimate communications from these platforms. Users are tricked into providing sensitive information by responding to deceptive requests, revealing the importance of vigilance and cybersecurity practices. Affected: Spotify, Apple Music

Keypoints :

  • Cyber attackers are using phishing tactics targeting users of streaming platforms like Spotify.
  • A spoofed email claiming payment failure was detected, urging users to log in and update their accounts.
  • The email appeared legitimate but was traced back to a different domain, confirming it was malicious.
  • Phishing attempts included hidden malicious URLs, leading to fake login pages mimicking Spotifyโ€™s branding.
  • Users unknowingly provided login credentials and credit card information, which were captured by the attackers.
  • The scheme escalated to collect further sensitive information, such as bank-issued passwords.
  • This incident highlights the need for improved cybersecurity awareness among users of online services.

MITRE Techniques :

  • Phishing (T1566): Attackers send deceptive emails designed to lure victims into providing sensitive information.
  • Credential Dumping (T1003): After victims enter their credentials on the fake site, attackers harvest these details.
  • Data Encrypted for Impact (T1486): Cybercriminals threaten users with the loss of access in order to extract financial information.

Indicator of Compromise :

  • [URL] hXXp://40[.]82[.]178[.]115/player/pt-br/
  • [IP Address] 40[.]82[.]178[.]115
  • [URL] hXXps://linktr[.]ee/faturaspotifyapp
  • [URL] hXXps://fatura-11-2024-app-spotify-app-gvcmhwbcd3aweudn[.]australiasoutheast-01[.]azurewebsites[.]net/
  • [IP Address] 13[.]77[.]50[.]115

Full Story: https://cofense.com/blog/more-than-music-the-unseen-cybersecurity-threats-of-streaming-services

Views: 22

Tags: APPLE, EXPLOIT, PASSWORD, IMPACT, FINANCIAL, PHISHING, EMAIL, BANK