The popular Indian video on demand ZEE5 was hacked by a hacker known by the name “John Wick” and “Korean Hackers” and he is now threatening to sell the database on cybercrime marketplaces.
ZEE5 is an Indian video on demand service run by Essel Group through its subsidiary Zee Entertainment Enterprises. It has more than 150 million subscribers and 56 million monthly active users as of December 2019.
A researcher Ax Sharma published a post in April about a dataset comprising of 1,023 Premium accounts of ZEE5. He said that the dataset appeared on Pastebin disclosing the email addresses and full plaintext passwords of some Premium users.
Now a researcher from Quickcyber, Kanishk Tagade also confirmed the hack of ZEE5.
According to his report, a person or a hacking group claimed to have gained access to the network of ZEE5.com and over 150GB of live data along with the source code of the site has been hacked.
The hacker contacted Quickcyber on 5th June to claim that they had hacked into the database of Zee5.com and also provided an image as a proof of access to ZEE5’s private code repositories.
Besides, the attackers also posted partial data from the compromised database, and secret keys present in the source code.
They threaten to expose the database and code in public for open sale soon.
The hacked data include recent transactions, passwords, emails, mobile numbers, email addresses, messages, etc.
The attackers are believed to be experts from Korea that claim to be bug hunters who have already hacked over 50 Big websites without selling any data.
Attackers use the email address [email protected], which was previously found in the defacement of several sites done by “Korean Hackers.
The John Wick crew stated that they have requested a 10 Ethereum “donation” to ZEE5 for their help.