Bot Attacking Gift Card Accounts

March 27, 2017

It's the gift that keeps on giving for cybercriminals. The accounts connected to gift cards are being wiped out as quickly as a teenager with cash at a shopping mall.

Luxury retailers, supermarkets, and major coffee distributors with gift card processing capabilities are all the target of a new widespread cybersecurity attack.

Hackers are using a bot, dubbed GiftGhostBot, to test a list of potential gift card account numbers at a rate of 1.7 million gift card numbers per hour. It is believed that once they correctly identify gift card numbers, they are draining balances for resale on the dark web. On one retail customer site, there have been peaks of over 4 million requests per hour, nearly 10 times their normal level of traffic.

The company that identified the attack, Distil Networks, has tracked activity on nearly 1,000 customer websites. In several instances, over half of the traffic on the website was on the gift card page alone, indicating a very targeted attack.

Read the Article

Previous Article
Distil: Bot Attacking Websites in Effort to Steal Gift Card Balances
Distil: Bot Attacking Websites in Effort to Steal Gift Card Balances

Security firm Distil Networks said it has uncovered a new kind of malicious bot that has attacked almost 1,...

Next Article
Cyber-thieves Using GiftGhostBot to Steal Gift Card Balances
Cyber-thieves Using GiftGhostBot to Steal Gift Card Balances

Security vendor Distil Networks announced on March 24 that it has discovered an automated bot it is calling...