Security News Roku warns 576,000 accounts hacked in new credential stuffing attacks


Level 78
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March.

The company said the attackers used login information stolen from other online platforms to breach as many active Roku accounts as possible in credential stuffing attacks.

In such attacks, the threat actors leverage automated tools to attempt millions of logins using a list of user/password pairs, with this technique being particularly effective against accounts whose owners have reused the same login information across multiple platforms.

"After concluding our investigation of [the] first incident, we [..] continued to monitor account activity closely [and] we identified a second incident, which impacted approximately 576,000 additional accounts," Roku said on Friday.

"There is no indication that Roku was the source of the account credentials used in these attacks or that Roku's systems were compromised in either incident."

"In less than 400 cases, malicious actors logged in and made unauthorized purchases of streaming service subscriptions and Roku hardware products using the payment method stored in these accounts, but they did not gain access to any sensitive information, including full credit card numbers or other full payment information."

As BleepingComputer reported in March, threat actors are using credential stuffing attacks with Open Bullet 2 or SilverBullet cracking tools to compromise Roku accounts, which are then sold for as little as 50 cents on illegal marketplaces.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.