< Client Success

Insider Threats

Disrupting Bot Developers

Situation:
A gig economy tech company identified an uptick in malicious activities on its platform. Unknown entities were distributing bots designed to automate interactions within the platform, promising gig workers an unfair advantage in job selection, blatantly violating the Client’s Terms of Service.

The bots manipulated the system putting genuine users at a disadvantage. Consequently, affected users directed frustration and anger towards the client. Furthermore, these bots posed additional security risks as they closely resembled the legitimate client application.

Why Nisos:
Nisos proved instrumental in assisting the client due to our expertise in conducting thorough technical application analysis. Over three months, we performed high quality analysis, open source research, and used attribution techniques to address the issue effectively.
Impact

  • Nisos provided extensive recommendations to the client’s legal, trust and safety, and engineering teams. These insights enabled the client to enhance the platform’s security measures and bolster defenses against attempts to replicate the legitimate application binary and evade application controls.
  • Leveraging our findings, the client successfully petitioned for the removal of the platform developer certificate associated with the most widely exploited fraudulent application. This action effectively revoked the threat actor’s capacity to create and distribute further bots or updates.
  • Collaborating with external legal counsel, the client utilized our attribution research to issue cease and desist orders and prepare civil suits against the bot developers.
  • Employing our attribution data, the client’s internal investigations identified a specific employee involved in the illicit bot usage, leading to their termination.

More Success Stories

Unmasking Adversaries Leaking Trade Secrets

Snapshot:
Nisos quickly identified the source of a data breach, enabling our client to address the security threat swiftly.

Read more >>

Rooting Out Insiders Selling Access

Snapshot:
Nisos identified threat actors targeting client, preventing sensitive data compromise and improving their security posture.

Read more >>

Protecting CEO from Targeted Harassment

Snapshot:
Proactive PII removal and security recommendations mitigated imminent threats to the CEO, ensuring ongoing protection with continuous threat monitoring.

Read more >>