Jay-Z backed music streaming service Tidal is drowning under competition. Although it recently celebrated signing up 1 million people, main rival Spotify boasts over 20 million paying users, and just grabbed the top grossing spot in the US iOS App Store. Motherboard reporter Kari Paul thought the company's recent big-budget concert was disappointing, and according to a Billboard survey, many music executives think the service will fall apart within a year.
To round it all off, it seems hackers or fraudsters are now offering Tidal accounts for as little as $1 each on the dark web. If ordered through Tidal's website, "Premium" accounts cost $9.99 per month, and "HiFi" accounts, with increased audio quality, cost $19.99.
"5x TIDAL Music [Lifetime Accounts]," one listing on dark web marketplace Nucleus reads. It offers all of the accounts for just $5, payable in Bitcoin. Another listing on a second market, AlphaBay, advertises a "Premium Account" for $12.
On Grams, a search engine for the dark web markets, there are 27 listings for Tidal accounts, including some on other marketplaces such as Middle Earth and Abraxas. Many of the vendors advertise bundles of up to ten accounts at a time.
It appears that some of the accounts may be existing user accounts that have been compromised by hackers, similar to how Motherboard reported accounts for taxi company Uber were hacked.
But Tidal offered an alternative explanation for where these illicit accounts might have come from. "To clarify, this is not a hack, but rather fraudulent credit cards that certain users have used to create accounts," Rune Lending, the company's CTO, told Motherboard in an email. In other words, fraudsters are obtaining stolen credit card details, and then using them to set up fresh Tidal accounts and sell them on.
"Tidal's web security team immediately analyzes any reported hacked accounts and rumored hack recipes; and has found no evidence of the Tidal system being at risk or any of our users using their normal payment methods being hacked," Lending continued. "Further, our user accounts are not at risk, and their accounts are not being distributed; rather the new fraudulent accounts are caught when the respective payment providers report back to Tidal, in which cases we stop the accounts."
Motherboard found evidence, however, that some of the accounts on sale on the dark web were likely hacked. One hacking forum on the surface web has a thread dedicated to a Tidal "config," posted in July. A config, or configuration, is a file used by an account cracking program to help hackers quickly break into accounts on websites. In essence, the configuration file tells the program how to interact with the website, so the computer can cycle through different login credentials as quickly as possible.
These login details—typically lists of email addresses and passwords—are usually sourced from hacks of other companies. If an account holder registers a password on Tidal that they also used on another website which was then compromised, their login details could be vulnerable.
There's evidence that a few people are buying the dark web Tidal accounts. "Great account!!!" one positive piece of feedback left on a listing reads. "Perfect!" says another.
But it's hardly a particularly popular product. Only three $12 premium accounts on AlphaBay have been purchased since July, according to the listing.
Compare that to Spotify, where it appears thousands of hacked accounts have been sold. Just one listing on AlphaBay has apparently led to nearly 900 purchases, and Grams lists over 100 listings that are live at the moment, some of which are selling 100 accounts at a time.
Individual Spotify logins seem to go for a similar price as Tidal logins, with some hovering around the $1.95 mark.
Even hackers, it seems, haven't had much success getting people to use Tidal.