Cybercriminals Use Bots to Steal Active Pharmacy Accounts and Resell Prescriptions, Kasada’s Threat Research Finds

Kasada, provider of the most effective and easiest way to defend against advanced bot attacks, shared research by its threat intelligence team about a new, illegal use of bots – to steal pharmacy accounts and resell prescriptions on a secondary market for in-demand substances, like Oxycodone. Researchers have also identified an acceleration in this activity: over the past 60 days, the number of stolen pharmacy accounts available for sale has increased by 5x.

“By bringing this malicious activity to light, Kasada strives to raise the visibility of this often unseen and deceptive fraudulent activity and help stop criminals that exploit these vulnerabilities.”

In April 2022, Kasada threat intelligence first observed the use of credential stuffing to attack pharmacies, steal active customer accounts, and exploit the distribution of prescribed medications. Credential stuffing is an automated attack in which cybercriminals use lists of stolen or leaked usernames and passwords to try to log in to various accounts. Once a login succeeds, they take over the account (account takeover, or ATO) and either sell it or exploit it by making fraudulent transactions.

This illegal activity puts medications in the hands of people who don’t have a prescription from a doctor. As such, it enables substance abuse. It also takes prescribed medications away from the people who legitimately need them.

“This is one of the boldest, most egregious and dangerous uses of bots we’ve ever observed,” said Sam Crowther, founder and CEO of Kasada. “Because the automated tools used for these attacks are so readily available and affordable, and because the sale of stolen usernames and passwords has never been more lucrative, it is easy to see why this type of theft is growing in popularity.”

Key Findings:

Tens of thousands of stolen online pharmacy accounts are currently available for sale on underground marketplaces.
These marketplaces offer stolen accounts from both physical and online-only pharmacies, many from the top 10 U.S. pharmacies.
Over the past 60 days, the number of stolen pharmacy accounts for sale has increased 5x.
Sellers offer access to legitimate prescriptions for controlled and highly addictive substances, such as Oxycodone.
The price for a stolen account ranges from the cost of an insurance co-payment to several hundred dollars.
Based on the volume of transactions over the past 30 days, it is estimated that a single operator can make over $25,000 per month selling stolen pharmacy accounts.
Stolen accounts often come with a guarantee – if the login or card on file doesn’t work, the provider will replace it with a new account.