50 free accounts continually streaming music rack up 20 TB in a month. So that would take about 1.5 years. Our you use 750 accounts and do it in a month.
I would say it's weird they don't rate limit accounts but probably having a device play music pretty much all the time isn't even that rare of a use case.
That’s if they pretend to stream the music. If they are using throwaway free accounts I imagine they can download the DRM-stripped files much more quickly.
I would guess this can be hidden under normal music streaming activity? But one would need lots of proxies!
It's hard to imagine anything but physical egress for that kind of volume.
50 free accounts continually streaming music rack up 20 TB in a month. So that would take about 1.5 years. Our you use 750 accounts and do it in a month.
I would say it's weird they don't rate limit accounts but probably having a device play music pretty much all the time isn't even that rare of a use case.
That’s if they pretend to stream the music. If they are using throwaway free accounts I imagine they can download the DRM-stripped files much more quickly.
2 replies →
You can probably just buy a thousand hacked spotify accounts for not much more than $1 a piece
Rent a dedicated server, setup mullvad wireguard on it or whatever. Download stuff to said server using wireguard.
Sure, you can also use Tor. The people engaged in copyright-related illegality generally don't.
But then you need to rent a server without leaving any hint on your real identity. Which means going to some dodgy corners of the internet.
I certainly wouldn't attempt
Depends on your threat model, you'd probably have to be scraping at a pretty large scale for anyone to try pursuing you through vpn providers.
1 reply →
Perhaps they leased a botnet. https://krebsonsecurity.com/2025/10/aisuru-botnet-shifts-fro...
I mean 300TB is nothing for a streaming service, like it woudn't even show on a dashboard. They probably did that over weeks which is invisible.