216.73.217.86

Threat Actors Hijack Misconfigured Servers for Live Sports Streaming

· Published 19/11/2024 21:59 · Modified 20/11/2024 09:29

Export JSON

Essential information

Published
19/11/2024 21:59
Modified
20/11/2024 09:29
Tags
2024-11-19 aqua tracee ffmpeg jupyter notebook jupyterlab runtime security server hijacking sports streaming stream ripping traceeshark
Related entities
2 observables, 4 techniques (mitre), 4 others

Description

Aqua Nautilus researchers uncovered a new attack vector where threat actors exploit misconfigured and applications to hijack servers for streaming sports events. The attackers gain unauthenticated access, install , and use it to capture live streams, redirecting them to illegal servers. This activity, while seemingly minor, poses significant risks including data manipulation, theft, and potential financial damage. The researchers used and tools to analyze the attack, revealing the process of server compromise and . The campaign primarily targeted Qatari beIN Sports network broadcasts, with evidence suggesting the attackers may be of Arab-speaking origin. The attack demonstrates the importance of securing data science environments and highlights the growing threat of illegal to the entertainment industry.

External references