Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Avatar
Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools. The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions designed to facilitate illegal live streaming of sports events, Aqua said in a report shared with The

Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools.

The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions designed to facilitate illegal live streaming of sports events, Aqua said in a report shared with The Hacker News.

The covert piracy campaign within interactive environments widely used for data science applications was discovered by the cloud security firm following an attack against its honeypots.

“First, the attacker updated the server, then downloaded the tool FFmpeg,” Assaf Morag, director of threat intelligence at cloud security firm Aqua. “This action alone is not a strong enough indicator for security tools to flag malicious activity.”

“Next, the attacker executed FFmpeg to capture live streams of sports events and redirected them to their server.”

In a nutshell, the end goal of the campaign is to download FFmpeg from MediaFire and use it to record live sports events feeds from the Qatari beIN Sports network and duplicate the broadcast on their illegal server via ustream[.]tv.

It’s not clear who is behind the campaign, although there are indications that they could be of Arab-speaking origin owing to one of the IP addresses used (41.200.191[.]23).

“However, it’s crucial to remember that the attackers gained access to a server intended for data analysis, which could have serious consequences for any organization’s operations,” Morag said.

“Potential risks include denial-of-service, data manipulation, data theft, corruption of AI and ML processes, lateral movement to more critical environments, and, in the worst-case scenario, substantial financial and reputational damage.”

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

 The Hacker News 

Total
0
Shares
Previous Post

AI company tells SEC that $250,000 stolen in cyberattack

Next Post

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

Related Posts

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers

Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza. BabbleLoader is an "extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory," Intezer security
Avatar
Read More