GiftGhostBot is trying to defraud costumers. A new bot targeting card payment processes on websites was spotted in the wild. Called GiftGhostBot, the bot is trying to defraud consumers of the money loaded on gift cards from a wide range of retailers around the globe, with attacks being noticed on almost 1,000 customer websites. Unfortunately, any website with gift card processing capabilities could be a target.
The attacks were noticed by the Distil Networks Security Analyst team. It seems that starting on February 2016, 2017, bot activity on customer websites with gift card processing capabilities spiked.
The tactic involves fraudsters using malicious automation to test a rolling list of potential account numbers and requesting each balance. If they are successful in obtaining the balance, fraudsters can resell the account number on the dark web or use it to purchase goods.
GiftGhostBots are reportedly being distributed across worldwide hosting providers, mobile ISPs, and data centers, executing JavaScript to avoid detection. It seems the capabilities of the actors behind the bots are quite extensive and the criminals can test as many as 1.7 million gift card account numbers per hour.
Retailers aren’t leaking your sensitive data
“Like most sophisticated bot attacks, GiftGhostBot operators are moving quickly to evade detection, and any retailer that offers gift cards could be under attack at this very moment. While it is important to understand that retailers are not exposing consumers’ personal information, consumers should remain vigilant. Chef gift card balances, contact retailers and ask for more information. To prevent resources from being drained, individuals and companies must work together to prevent further damage,” said Rami Essaid, CEO of Distil Networks.
Under these circumstances, customers are trying to get their gift cards back, asking retailers to replenish them. This puts pressure on retailers to act accordingly to handle dissatisfied customers if they want to maintain their future relationship. On top of this, the business itself can also suffer besides having to pay out of pocket for the gift cards, because requests into the website could reach millions each day and potentially inundate the servers leading to slowdowns or downtime.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.