bots used to hijack pharmacy accounts and sell drugs illegally
Damien Black , Senior Journalist Updated on: 08 August 2022
bots used to hijack pharmacy accounts and sell drugs illegally

Image by Shutterstock

Bots are being used to take over online pharmacy accounts and sell addictive prescription drugs illegally, an alarming trend cyber-watchdog Kasada says has increased fivefold in the past couple of months.

Its researchers say this sharp increase has pushed the total number of stolen accounts for sale on the dark web into the tens of thousands, allowing unscrupulous buyers and sellers to access prescription drugs – including some based on methamphetamine and opioids – to which they are not legally entitled.

“This activity is both illegal and dangerous,” said Kasada, adding that it first noticed it in April. “It puts medications in the hands of people who don’t have a prescription from a doctor and enables substance abuse. It also takes prescribed medications away from the people who need them legitimately.”

Despite this, Kasada’s investigation found that the bot-enabled racket had received positive reviews from its illicit customers, judging by the forum’s overall ratings. The crooks behind the scheme are doubtless motivated more by money than plaudits – the cybersecurity firm estimates a single operator stands to make more than $25,000 a month in cash transfers and cryptocurrency if it is left unchecked.

bots used to hijack pharmacy accounts and sell drugs illegally

Redacted screenshot of dark web account illegally offering opioid-based drug Oxycodone for sale

“The sellers offer access to legitimate prescriptions for controlled and highly addictive substances, such as Adderall and Oxycodone,” said Kasada. “The price for a stolen account ranges from what one would normally pay with an insurance co-payment to several hundred dollars. The marketplaces offer stolen accounts from physical and online-only pharmacies, many of which are from the top 10 [sellers in the] US.”

Hijacked internet-connected devices turned into ‘zombie’ machines to do a malicious hacker’s bidding, bots have become an increasingly dangerous phenomenon in the cyber-world. But Kasada believes this is the first time they have been used to target the pharmaceutical industry in this way.

“It’s been well publicized that scalper bots ‘skip the digital line’ and purchase in-demand items such as sneakers, gaming consoles, and NFTs,” it said. “More recently, people have realized that the same bots can be repurposed to score any item or service wherever demand outpaces supply, such as baby formula, semiconductor chips, and even COVID-19 vaccine appointments.”

How bots are breaking the system

Bot-driven cybercrime helps to make billions of dollars’ worth of online fraud a reality, by automating login to test stolen credentials and perform account takeover (ATO) on key industry target machines.

“Using bots to commit ATO has been pervasive for a long time in industries such as retail, media and entertainment, and financial services,” said Kasada, adding that the pharmaceutical industry now appears to have joined this list with a vengeance.

ATOs involve using automated “account cracking tools” to facilitate credential stuffing attacks – during which a cybercriminal throws a high number of purloined personal data at a system, in the hope of finding the right combination to gain access.

“These tools perform a credential-stuffing attack on a pharmacy’s website or mobile app,” said Kasada. “By stuffing stolen usernames and passwords, the attacker can exploit the fact that consumers reuse the same credentials on different websites. A small percentage of the stolen credentials ‘work’ and allow the attacker to successfully take over accounts with legitimate login credentials.”

Upon succeeding in this initial salvo, the cyberattacker then extracts the prescription information including the account holder’s name, date of birth, phone number, and means of payment for medications. Such data can also presumably be resold elsewhere on the dark web to facilitate other forms of cybercrime, thus completing the vicious circle.

“This is one of the most egregious and dangerous uses of bots we’ve ever observed,” said Kasada. “The illegal sale of stolen pharmacy accounts can be a profitable venture, not to mention very dangerous – by enabling medications to be put into the hands of people who don’t have a prescription.”

It added: “With free, open-source tools widely available to automatically crack accounts, a bot operator can monetize this illegal activity with very little effort.”

TECH NEWS RELATED

Australia demands Optus pay for new customer ID documents

An Optus phone sign hangs above its store in Sydney, Australia, Thursday, Oct. 7, 2021. Australia’s federal and state governments on Wednesday, Sept. 28, 2022, called for Optus to pay for replacing identification documents including passports and driver’s licenses to avoid identity fraud after 9.8 million of the telecommunications ...

View more: Australia demands Optus pay for new customer ID documents

Cyberattacks a top concern across all business sizes, economic uncertainty a close second, new survey shows

Credit: Pixabay/CC0 Public Domain Cyberattacks are now so common that the majority of businesses responding to a new survey not only viewed them as their top concern but a majority saw a future attack on their organization as inevitable. An annual survey of businesses by insurance giant Travelers Cos., ...

View more: Cyberattacks a top concern across all business sizes, economic uncertainty a close second, new survey shows

Australian board directors urged to boost cybersecurity skills

Credit: Pixabay/CC0 Public Domain A University of Queensland study has identified a need to prioritize cybersecurity training for board directors, to better protect Australian organizations from cyber-attacks. Dr. Ivano Bongiovanni from the UQ Business School said his research found board directors were not always sure about their duties and ...

View more: Australian board directors urged to boost cybersecurity skills

Australian police probe purported hacker's ransom demand

A customer waits for service at a Optus phone store in Sydney, Australia, Thursday, Oct. 7, 2021. The Australian government said on Monday, Sept. 26, 2022, it was considering tougher cybersecurity rules for telecommunications companies after Optus, the nation’s second-largest wireless carrier, reported personal data of 9.8 million customers ...

View more: Australian police probe purported hacker's ransom demand

New report offers blueprint for regulation of facial recognition technology

Credit: Pixabay/CC0 Public Domain A new report from the University of Technology Sydney (UTS) Human Technology Institute outlines a model law for facial recognition technology to protect against harmful use of this technology, but also foster innovation for public benefit. Australian law was not drafted with widespread use of ...

View more: New report offers blueprint for regulation of facial recognition technology

Hackers leak French hospital patient data in ransom fight

Hackers who crippled a French hospital and stole a trove of data last month have released personal records of patients online, officials have confirmed. The cyberattackers demanded a multimillion dollar ransom from the Corbeil-Essonnes hospital near Paris a month ago, but the institution refused to pay. The hospital said the ...

View more: Hackers leak French hospital patient data in ransom fight

Python affected by 15-year-old bug that keeps on giving

In brief: The Python programming language is being impacted by security issue programmers have know about for a while. Trellix researchers recently rediscovered a bug, highlighting the risk for hundreds of thousands of software projects and creating patches for tens of thousands of them. Being one of the most ...

View more: Python affected by 15-year-old bug that keeps on giving

Quantum encryption to boost European autonomy

Credit: European Space Agency Cyberattacks and geopolitics threaten today’s increasingly digital world, leading to the disruption of essential supplies such as power and water. ESA, the European Commission and space companies in Europe are teaming up to work towards a highly secure, satellite-enabled connectivity system for the EU—based on ...

View more: Quantum encryption to boost European autonomy

Cyberattack steals passenger data from Portuguese airline

'Bad buzz': Gaming industry reels from 'Grand Theft Auto' hack

LA Unified cyberattackers demand ransom

Deepfake audio has a tell: Researchers use fluid dynamics to spot artificial imposter voices

Hackers accessed data on some American Airlines customers

'Grand Theft Auto' maker says game code stolen

Hackers are spreading malware through YouTube channels promoting game cheats

Color image encryption using an improved version of stream cipher and chaos

Hacker claims to breach Uber, security researcher says

Three questions about quantum computing and secure communications

EU wants to toughen cybersecurity rules for smart devices

FIFA 23 and other EA titles will come with controversial "kernel-mode" anti-cheat software

OTHER TECH NEWS

Top Car News Car News