Forensic Analyses of a Creditcard Data Theft

Sometimes it may start with a simple nagios alarm notification about an unusual high database server CPU load. Since something else was suspicious, the customer called us asking to help him out. We investigated it and detected a possible extraction of sensitive data.

We analysed log information, compared timestamps and checked the corresponding source code of the application itself. We were able to draft up a timetable when the initial hack happened to alter the source code. The attacker modified the source code located directly on the web server to alter some part of the data encryption. In the end, the alarm of the high database server CPU load was the attackers "select * from..." to get all the unencrypted data.

Forensic investigations like this require a very good technical understand of file systems and networks. In addition, a deeper understanding of an attackers mind set and the art of hacking itself helps to develop a hunch where to look.

Talk now
to our
Pentest experts.

Contact us
Patrick Sauer, OSCP, M.Sc. Security Management
Patrick Sauer, CEO
OSCP, M.Sc. Security Management

Talk now to our Pentest experts.

Patrick Sauer, CEO
Patrick Sauer, CEO
OSCP, M.Sc. Security Management
Contact us

Penetration Testing

Since 2013 we conduct professional penetration test, based on international industry standards and years of experience in penetration testing, red teaming and hacking.

As a company for professional penetration testing, we do some things differently than other pentest provider: As a penetration test firm, we do not sell vulnerability scans as pentest. We do also focus on business security risks. You are looking for a professionally conducted penetration tests? Get the binsec team for your Pentest. Read more about our pentest service.

Contact us

Company

binsec GmbH
Solmsstraße 41
60486 Frankfurt am Main
Germany

Legal notice

Director: Patrick Sauer
Authorised Officer: Florian Zavatzki, Dominik Sauer
Registration: Frankfurt am Main, HRB97277
Turnover Tax Identification No.: DE290966808

© 2025 All rights reserved by binsec GmbH.

© 2025 All rights reserved by binsec GmbH.