This post is sponsored by Digital Citizens Alliance @4SaferInternet

The popularity of video streaming services has taken off in the past few years. It’s become easier to stream video through smart TVs, streaming boxes that connect to your not-so-smart TV, and even streaming sticks. These devices let you stream video through popular apps like Hulu, Netflix, SlingTV, Amazon Prime Video, and YouTube TV. Unfortunately, there are other apps that let you watch illegal pirated content. And hackers are using those apps to spread malware. Here’s what you need to know.

During its probe, Digital Citizens’ cybersecurity investigators observed malware from the piracy apps stealing user names and passwords, probing user networks and surreptitiously uploading data without consent. In addition, the investigation found an illegal scheme to monetize stolen Netflix accounts and ads for premium brands such as Amazon and Mini Cooper on pirate apps.

The 12 million active users of these illicit devices in North American homes present a tempting target because they offer hackers a new avenue to exploit consumers and a path to reach other devices on a home network. The findings should serve as a wake-up call for consumers, the technology community, and policymakers to take the threat seriously.

This cybersecurity threat is alarming because the users assist in the hack by “escorting” the hacker past vital network security. And it all starts so simply. A user purchases a device loaded with apps that offer free access, for example, to the latest movies in theaters or live broadcasts of Major League Baseball games. These devices – sometimes known as “Kodi boxes” or “jailbroken Fire TV Sticks” – look and behave like a Roku box, Apple TV or other legitimate device. But instead of accessing legitimate services like Netflix or Hulu, they link to pirate apps.

Illegal pirated content is nothing new. We’ve alerted you that websites offering free movies and TV shows can infect your computer with malware.

If malicious software on the pirate app gets inside your wireless network, it may try to infect other devices connected to your network. 

This information originally appeared in Digital Citizens Alliance cybersecurity investigative report titled, “Fishing in the Piracy Stream: How the Dark Web of Entertainment is Exposing Consumers to Harm”