The Challenge

A retail client requested our assistance to identify an individual, who was also a paying customer, who wrote a python script that scraped a backend server. The customer had also previously published a WiFi vulnerability present at the company’s offices in the US. The client was aware of closed forums where this customer and other potential threat actors exchanged ideas about denigrating the client’s reputation, and asked Nisos to help understand the nature of the threat.

The Challenge

Malicious foreign actors were creating automated tools to abuse an e-commerce client’s platform. Using that automated process the threat actors were able to mass create and bulk manage accounts, run advertisements, and use credit cards. With those credit cards, they were able to make purchases through the client’s site, and the client’s customers and third party service providers.

A healthcare technology company suffered a wide-scale destructive compromise after an attacker targeted the Client’s backend point of sale technology and deleted all customer data.