Bots Swell ‘Piracy’ Sub-Reddit to Steal Facebook and Google Accounts

Last updated September 27, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

Users of the /r/piracy sub-Reddit are reporting that they are increasingly getting targeted by scammers who are after their Google and Facebook account credentials. This is a particularly popular sub-Reddit, counting over 400 thousand subscribers who are taking part in discussions relating to “all things piracy”. The scammers are taking advantage of the topic as well as the number of people, so they are offering fake accounts for Netflix, Spotify, Hulu, NordVPN, YouTube Red, ProtonVPN, and other content or anonymizing platforms. The scammers’ bots are posting messages on various threads, and even direct messages to several subredditors.

Of course, and as the scale of the work for this scam is very extensive, only bots could undertake this task successfully. In many of these direct messages, the subscribers are urged to download a software tool called “PremiumGet”, which will supposedly open the door to the promised platforms. PremiumGet is hosted on Mediafire and its a 51.76MB package, so the cautious would notice that the file is too big to be just a "pointer". What PremiumGet really is, is a phishing utility that asks for people’s Facebook and Google account usernames and passwords, supposedly to connect these accounts with the streaming platform and VPN services.

premiumget

image source: torrentfreak.com

Whoever posts anything on a discussion that belongs to a thread where PremiumGet is mentioned gets a direct message by the bots. Some people criticized the offerings, saying that these are obvious scams as no one would offer access to valuable platforms for free, and in these cases, the uploaders responded to the allegations by saying that the tool is not flagged by any anti-malware or anti-virus software, so it’s apparently safe. As we have repeatedly seen though, no flags or warnings by the AV tools doesn’t always mean that a piece of software is utterly safe to use.

scammer_message

image source: torrentfreak.com

As always, don’t hope that someone on Reddit  (or anywhere else) will give you something for free. Even if you like to approach such offerings with goodwill, there would never be a reason for someone to ask for your Facebook and Google account credentials in order to send you the codes for accessing the promised platforms. Finally, never download and run tools like PremiumGet, which are hosted on platforms that don’t check anything, and could very easily be malware or ransomware. In this case, PremiumGet is just a phishing tool, and this is the best-case scenario that one could have hoped for really.

Did you notice the Reddit campaign? Share any details with us in the comments down below, or on our socials, on Facebook and Twitter.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: