Indian video on demand giant ZEE5 has been hacked

The Indian video on demand giant ZEE5 has been hacked, attackers are threatening to sell the database on the cybercrime underground markets.

A hacker that goes online with the moniker “John Wick” and “Korean Hackers” claim to have hacked the Indian video on demand giant ZEE5 and now is threatening to sell the database on cybercrime marketplaces.

ZEE5 is an Indian video on demand service run by Essel Group via its subsidiary Zee Entertainment Enterprises. The service had 56 million monthly active users in December 2019and has over 150 million subscribers.

In early April, the researcher Ax Sharma published a post on Medium about a dataset with some 1,023 compromised ZEE5 Premium accounts for an online streaming service.

“The origins of the incident date back to April 12th 2020, when a new data set titled, “Zee5 Premium” (archived here) emerged on Pastebin revealing email addresses and fullplaintext passwords of some Premium users.” reads the post published by the expert.

Now, Kanishk Tagade from Quickcyber confirmed the hack of the Indian video streaming giant.

“A person or a hacking group claiming to have gained access to the network of ZEE5.com, a popular Indian OTT platform, and stolen over 150GB of live data along with the source code of the site, Quickcyber has learned.” reported Tagade.

“On June 5, 2020, a hacker going by the name John wick contacted Quickcyber to tell us they had hacked into the database of Zee5.com and their code repositories on bitbucket.org.”

The alleged hacker contacted Tagade claiming to have stolen over 150GB of live data from Zee5.com and provided the following image as a proof of access to ZEE5’s private code repositories.

The attackers also posted partial data from the compromised database, and secret keys present in the source code.

The attacker threatens to expose the database and code in public for open sale soon.

The huge trove of data contains data, recent transactions, passwords, emails, mobile numbers, email addresses, messages, etc.

According to BleepingComputer, the attackers are experts from Korea that claim to be bug hunters that have already hacked more 50 Big websites without selling any data.

John Wick crew states that has have requested to ZEE5 a 10 Ethereum “donation”for their help.

Attackers use hckindia@tutanota.com, an email address that was previously observed in the defacement of several sites done by “Korean Hackers.”

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – ZEE5, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.