50 free accounts continually streaming music rack up 20 TB in a month. So that would take about 1.5 years. Our you use 750 accounts and do it in a month.
I would say it's weird they don't rate limit accounts but probably having a device play music pretty much all the time isn't even that rare of a use case.
That’s if they pretend to stream the music. If they are using throwaway free accounts I imagine they can download the DRM-stripped files much more quickly.
Rent a dedicated server, setup mullvad wireguard on it or whatever. Download stuff to said server using wireguard.
Sure, you can also use Tor. The people engaged in copyright-related illegality generally don't.
But then you need to rent a server without leaving any hint on your real identity. Which means going to some dodgy corners of the internet.
I certainly wouldn't attempt
Depends on your threat model, you'd probably have to be scraping at a pretty large scale for anyone to try pursuing you through vpn providers.
I would guess this can be hidden under normal music streaming activity? But one would need lots of proxies!
Perhaps they leased a botnet. https://krebsonsecurity.com/2025/10/aisuru-botnet-shifts-fro...
It's hard to imagine anything but physical egress for that kind of volume.
50 free accounts continually streaming music rack up 20 TB in a month. So that would take about 1.5 years. Our you use 750 accounts and do it in a month.
I would say it's weird they don't rate limit accounts but probably having a device play music pretty much all the time isn't even that rare of a use case.
That’s if they pretend to stream the music. If they are using throwaway free accounts I imagine they can download the DRM-stripped files much more quickly.
True, but I could see them rate limiting that much more aggressively than streaming.
You can download playlists for offline use, it'll go pretty fast. I doubt they monitor it that hard.
You can probably just buy a thousand hacked spotify accounts for not much more than $1 a piece
I mean 300TB is nothing for a streaming service, like it woudn't even show on a dashboard. They probably did that over weeks which is invisible.