It's the kind of attack that proves cybercriminals are opportunists, even during a worldwide crisis.
In the midst of attempting a massive donation project to help first responders during the coronavirus pandemic, Oregon-based footwear company KEEN experienced a cyberattack.
Coronavirus cyberattack disrupts shoe donation campaign
In the midst of the COVID-19 pandemic, KEEN wanted to do its part.
"We made a pledge to provide up to 100,000 pairs, about $10,000,000 in shoes, to the workers on the front lines and the families at home fighting through the crisis... we felt compelled to share our strengths for the common good," says KEEN's Erik Burbank.
In less than a week, the Together We Can campaign achieved its goal with the help of KEEN patrons. But cybercriminals had other plans, according to TechRepublic:
A sudden surge of codes being redeemed alerted our team to potential malicious behavior. Our team was able to manually check the codes the bots attempted to redeem and prevent the orders from going out.
The cybercriminals staged a second bot attack on Sunday where 2,000 codes were taken by bots in less than 10 minutes. The people behind the drive added an expiration time to the PINs used for authentication, which enabled the company to stay ahead of the bots and get the program back up and running in a few hours.
KEEN quickly resolved the issue and responded on Twitter:
Burbank expanded on the attack by bringing things back to the campaign:
"We wanted to start a movement of kindness and encourage people all over the world to give shoes to those who need them most. Hackers tried to take advantage of the program, but in the end, kindness prevailed."
And we are glad that kindness prevailed in the end.
