Fighting A BotNet: A story of one online retailer.

By | April 12, 2018

About 2 years ago I was faced with fighting off a botnet for an online retailer I did work for. While I won't mention the name of the company, it is an interesting story nonetheless.

It started after the end of the business day. And went unnoticed until the next business day.

The shopping cart software at SamsClub.com was a homebrewed solution originally built nearly a decade ago in ColdFusion and through the years had quite a few different owners, all with different programming styles and tallied well over 50k lines of code. Many of the standard practices in place today didn’t exist when this e-commerce platform was designed, and over the years these practices had typically been partially implemented on an as-needed basis.

The next business morning after the attack started, the problem remained in the fraud department before it was realized that we had a problem. Once brought to my attention, I didn’t realize the power behind the attack. The M.O. was pretty simple. One IP address, one set of purchaser credentials (name, address, phone, etc.) and one credit card. Repeatedly sent through our store until the credit card was maxed out, then a new set of payment credentials and credit card would be presented and the process would begin again. The transactions would go through fairly fast, but not fast enough to lead me to think it was a botnet. Likely just an individual with a decent connection and some “leet” tools.

To me, this seemed like a pretty straightforward problem; the immediate concern was stopping the fraudulent transactions. The first step was to apply a rule-set to incoming orders that would only allow any given card number to be accepted no more than once every 10 minutes. A simple fix that took less than 20 minutes to write and deploy. Once we could identify and stop the fraudulent transactions from going through, the next step was to determine the motive for employing such a strategy.
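The 10-minute per-card rule described above, sketched in Python as an added example (this is not the retailer's ColdFusion code). The class name, the keyed-hash fingerprint and the in-memory table are assumptions, and the orders are constructed test data.

```python
import hashlib
import hmac
import os

WINDOW_SECONDS = 10 * 60  # the 10-minute window from the post


class CardVelocityRule:
    """Accept any given card number at most once per window (hypothetical helper)."""

    def __init__(self, window=WINDOW_SECONDS, key=None):
        self.window = window
        # Assumption: a per-process random key, so the table holds keyed
        # hashes and never raw card numbers.
        self._key = key or os.urandom(32)
        self._last_accepted = {}  # card fingerprint -> time of last accepted order

    def _fingerprint(self, card_number):
        # Normalise "4111 1111..." and "4111-1111..." to the same digits first.
        digits = "".join(ch for ch in card_number if ch.isdigit())
        return hmac.new(self._key, digits.encode(), hashlib.sha256).hexdigest()

    def _evict(self, now):
        # Drop expired entries so a long card-testing run cannot grow the table forever.
        expired = [fp for fp, t in self._last_accepted.items() if now - t >= self.window]
        for fp in expired:
            del self._last_accepted[fp]

    def allow(self, card_number, now):
        """Return True and record the order if the card is outside its window."""
        self._evict(now)
        fp = self._fingerprint(card_number)
        last = self._last_accepted.get(fp)
        if last is not None and now - last < self.window:
            return False  # a rejected attempt does not restart the window
        self._last_accepted[fp] = now
        return True


# Constructed sample: (seconds since first order, card number as typed).
# Both numbers are well-known processor test numbers, not real cards.
SAMPLE_ORDERS = [
    (0, "4111 1111 1111 1111"), (20, "4111-1111-1111-1111"),
    (45, "4111111111111111"), (60, "5555 5555 5555 4444"),
    (600, "4111 1111 1111 1111"), (610, "4111 1111 1111 1111"),
]


def replay(orders, rule=None):
    """Run orders through the rule in time order; one accept/reject flag per order."""
    rule = rule or CardVelocityRule()
    return [rule.allow(card, ts) for ts, card in orders]
```

In a multi-server store the table would live in shared storage rather than process memory, otherwise each server enforces its own separate window.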

All of the orders were identical and the purchased product was a $99 digital download. Upon investigating, none of the fraudulent orders actually even attempted to grab the digital download. So my conclusion was that it was likely someone spot checking stolen credit cards. Quite often, stolen credit cards are sold by the thousands and a common tactic to ensure that the batch is good and to get an idea of the “quality” of the goods (determining the average max) is to run a small sample of the cards until they max out.
