Security Investigation and Ecommerce Penetration Testing

One of the biggest retailers in France with 80 stores worldwide and a couple of multilingual websites.

The company came to HackControl with a concern that they had found some third-party links on their website, which they did not post.

Our team investigated the origin of these links and pretested the resources. After that, we conducted penetration testing and found out that the website used the popular engine WordPress, where those third-party links had been placed using a mobile redirect, which forwarded all users to the paid services and subsequently could withdraw money.

Besides, we detected that the links used the code from a popular link exchange engine. We contacted the monetization providers of paid mobile applications and talked to owners of an affiliated link exchange program. It helped us to discover the payment details that the attacker had used for payment transactions from the users of the hacked websites.

Using those payment details, we Identified the attacker. This information was conveyed to the client and later to law enforcement agencies. The results of the performed activities:

  • ● fixed vulnerabilities on the site;
  • ● updated all outdated software on the server;
  • ● optimized website loading speed;
  • ● set up Anti-DDoS protection;
  • ● CDN to reduce server load connected;
  • ● removed shells and backdoors (s);
  • penetration testing not only saved clients money but with cyber investigation helped to put cybercriminals in jail.



Talk to an Expert

1. We will review your request within 2 hours and contact you.

2. We will check your company and describe the workflow.

3. We will start cybersecurity check.

    Privacy Policy

    Vitaly is a principal consultant at Hackcontrol as wall as aa business and IT thought leader. He has over 15 years of experience in consulting, account management and is a specialist in cybersecurity.