Pirate IPTV providers have become a pretty big deal in recent years.
Offering cut-price access to otherwise subscription TV channels, PPVs, and video-on-demand archives, customers have flocked to them in their millions.
One popular provider operating in the space is Helix Hosting but if a message that appeared on the service’s homepage is anything to go by, the Christmas period may become memorable for all the wrong reasons.
The statement, published hours ago on the official Helix Hosting homepage, claimed that Helix had been hacked and was being held to ransom. The implication of the message was typical: Helix should pay up to appease the attackers or face potential damage to their business.
“Helix Hosting Has Been Hacked – They have had the option to pay a small amount to protect its customers or have all customer details leaked online putting you all at risk,” the message read.
“They have chosen to not accept this offer and would prefer your details to be leaked online.”
The overall threat was to release the personal details of all customers and resellers of Helix but to “make it fair”, the proposed leak would also expose “at the least” one owner and/or staff member of the service along with their name, address, phone numbers, and IP addresses.
While someone had clearly placed the message on the front page of the site, other areas of the Helix site remained functional for a while. At the time the ‘hacked’ notice appeared, Helix’s app and repo indexes were functioning normally and its web player login page was also accessible.
However, as the minutes passed by, other aspects of the web portal were apparently disabled and the ransom message disappeared too. This morning, however, the ‘hacked’ message is back for all to see.
Only time will tell how this episode will end and whether the threats to go nuclear on Helix over its failure to “pay a small amount” will be carried out. It’s also unclear what information Helix holds and what use that information would be to third-parties, even if it was leaked online.
The warning currently on display still mentions a 23:00 deadline to pay the ransom but there is no indication of which day, country, or time zone that refers to. So, depending on the timing, the leak could’ve happened already, could be about to happen, or may not even happen at all.
That said, giving in to blackmail is a big decision to make, especially when copies of data are easily made leaving attackers in a position to have a second bite at the cherry on a whim.